46 files changed, 1789 insertions, 1544 deletions

diff --git a/arch/s390/kernel/Makefile b/arch/s390/kernel/Makefile
index 64230bc392fa..df3732249baa 100644
--- a/arch/s390/kernel/Makefile
+++ b/arch/s390/kernel/Makefile
@@ -20,10 +20,10 @@ CFLAGS_ptrace.o		+= -DUTS_MACHINE='"$(UTS_MACHINE)"'
 
 CFLAGS_sysinfo.o += -Iinclude/math-emu -Iarch/s390/math-emu -w
 
-obj-y   :=  bitmap.o traps.o time.o process.o base.o early.o setup.o \
-            processor.o sys_s390.o ptrace.o signal.o cpcmd.o ebcdic.o \
-            s390_ext.o debug.o irq.o ipl.o dis.o diag.o mem_detect.o \
-            vdso.o vtime.o sysinfo.o nmi.o sclp.o
+obj-y   :=  bitmap.o traps.o time.o process.o base.o early.o setup.o vtime.o \
+            processor.o sys_s390.o ptrace.o signal.o cpcmd.o ebcdic.o nmi.o \
+            debug.o irq.o ipl.o dis.o diag.o mem_detect.o sclp.o vdso.o \
+            sysinfo.o jump_label.o
 
 obj-y   += $(if $(CONFIG_64BIT),entry64.o,entry.o)
 obj-y   += $(if $(CONFIG_64BIT),reipl64.o,reipl.o)
diff --git a/arch/s390/kernel/asm-offsets.c b/arch/s390/kernel/asm-offsets.c
index 5232278d79ad..edfbd17d7082 100644
--- a/arch/s390/kernel/asm-offsets.c
+++ b/arch/s390/kernel/asm-offsets.c
@@ -23,14 +23,16 @@ int main(void)
 {
         DEFINE(__THREAD_info, offsetof(struct task_struct, stack));
         DEFINE(__THREAD_ksp, offsetof(struct task_struct, thread.ksp));
-        DEFINE(__THREAD_per, offsetof(struct task_struct, thread.per_info));
         DEFINE(__THREAD_mm_segment, offsetof(struct task_struct, thread.mm_segment));
         BLANK();
         DEFINE(__TASK_pid, offsetof(struct task_struct, pid));
         BLANK();
-        DEFINE(__PER_atmid, offsetof(per_struct, lowcore.words.perc_atmid));
-        DEFINE(__PER_address, offsetof(per_struct, lowcore.words.address));
-        DEFINE(__PER_access_id, offsetof(per_struct, lowcore.words.access_id));
+        DEFINE(__THREAD_per_cause,
+               offsetof(struct task_struct, thread.per_event.cause));
+        DEFINE(__THREAD_per_address,
+               offsetof(struct task_struct, thread.per_event.address));
+        DEFINE(__THREAD_per_paid,
+               offsetof(struct task_struct, thread.per_event.paid));
         BLANK();
         DEFINE(__TI_task, offsetof(struct thread_info, task));
         DEFINE(__TI_domain, offsetof(struct thread_info, exec_domain));
@@ -66,9 +68,9 @@ int main(void)
         DEFINE(__VDSO_ECTG_BASE, offsetof(struct vdso_per_cpu_data, ectg_timer_base));
         DEFINE(__VDSO_ECTG_USER, offsetof(struct vdso_per_cpu_data, ectg_user_time));
         /* constants used by the vdso */
-        DEFINE(CLOCK_REALTIME, CLOCK_REALTIME);
-        DEFINE(CLOCK_MONOTONIC, CLOCK_MONOTONIC);
-        DEFINE(CLOCK_REALTIME_RES, MONOTONIC_RES_NSEC);
+        DEFINE(__CLOCK_REALTIME, CLOCK_REALTIME);
+        DEFINE(__CLOCK_MONOTONIC, CLOCK_MONOTONIC);
+        DEFINE(__CLOCK_REALTIME_RES, MONOTONIC_RES_NSEC);
         BLANK();
         /* constants for SIGP */
         DEFINE(__SIGP_STOP, sigp_stop);
@@ -84,9 +86,10 @@ int main(void)
         DEFINE(__LC_SVC_INT_CODE, offsetof(struct _lowcore, svc_code));
         DEFINE(__LC_PGM_ILC, offsetof(struct _lowcore, pgm_ilc));
         DEFINE(__LC_PGM_INT_CODE, offsetof(struct _lowcore, pgm_code));
-        DEFINE(__LC_PER_ATMID, offsetof(struct _lowcore, per_perc_atmid));
+        DEFINE(__LC_TRANS_EXC_CODE, offsetof(struct _lowcore, trans_exc_code));
+        DEFINE(__LC_PER_CAUSE, offsetof(struct _lowcore, per_perc_atmid));
         DEFINE(__LC_PER_ADDRESS, offsetof(struct _lowcore, per_address));
-        DEFINE(__LC_PER_ACCESS_ID, offsetof(struct _lowcore, per_access_id));
+        DEFINE(__LC_PER_PAID, offsetof(struct _lowcore, per_access_id));
         DEFINE(__LC_AR_MODE_ID, offsetof(struct _lowcore, ar_access_id));
         DEFINE(__LC_SUBCHANNEL_ID, offsetof(struct _lowcore, subchannel_id));
         DEFINE(__LC_SUBCHANNEL_NR, offsetof(struct _lowcore, subchannel_nr));
@@ -121,13 +124,11 @@ int main(void)
         DEFINE(__LC_LAST_UPDATE_TIMER, offsetof(struct _lowcore, last_update_timer));
         DEFINE(__LC_LAST_UPDATE_CLOCK, offsetof(struct _lowcore, last_update_clock));
         DEFINE(__LC_CURRENT, offsetof(struct _lowcore, current_task));
+        DEFINE(__LC_CURRENT_PID, offsetof(struct _lowcore, current_pid));
         DEFINE(__LC_THREAD_INFO, offsetof(struct _lowcore, thread_info));
         DEFINE(__LC_KERNEL_STACK, offsetof(struct _lowcore, kernel_stack));
         DEFINE(__LC_ASYNC_STACK, offsetof(struct _lowcore, async_stack));
         DEFINE(__LC_PANIC_STACK, offsetof(struct _lowcore, panic_stack));
-        DEFINE(__LC_KERNEL_ASCE, offsetof(struct _lowcore, kernel_asce));
-        DEFINE(__LC_USER_ASCE, offsetof(struct _lowcore, user_asce));
-        DEFINE(__LC_USER_EXEC_ASCE, offsetof(struct _lowcore, user_exec_asce));
         DEFINE(__LC_INT_CLOCK, offsetof(struct _lowcore, int_clock));
         DEFINE(__LC_MCCK_CLOCK, offsetof(struct _lowcore, mcck_clock));
         DEFINE(__LC_MACHINE_FLAGS, offsetof(struct _lowcore, machine_flags));
@@ -142,10 +143,8 @@ int main(void)
         DEFINE(__LC_GPREGS_SAVE_AREA, offsetof(struct _lowcore, gpregs_save_area));
         DEFINE(__LC_CREGS_SAVE_AREA, offsetof(struct _lowcore, cregs_save_area));
 #ifdef CONFIG_32BIT
-        DEFINE(__LC_PFAULT_INTPARM, offsetof(struct _lowcore, ext_params));
         DEFINE(SAVE_AREA_BASE, offsetof(struct _lowcore, extended_save_area_addr));
 #else /* CONFIG_32BIT */
-        DEFINE(__LC_PFAULT_INTPARM, offsetof(struct _lowcore, ext_params2));
         DEFINE(__LC_EXT_PARAMS2, offsetof(struct _lowcore, ext_params2));
         DEFINE(SAVE_AREA_BASE, offsetof(struct _lowcore, floating_pt_save_area));
         DEFINE(__LC_PASTE, offsetof(struct _lowcore, paste));
diff --git a/arch/s390/kernel/compat_linux.c b/arch/s390/kernel/compat_linux.c
index 1e6449c79ab6..53acaa86dd94 100644
--- a/arch/s390/kernel/compat_linux.c
+++ b/arch/s390/kernel/compat_linux.c
@@ -25,7 +25,6 @@
 #include <linux/resource.h>
 #include <linux/times.h>
 #include <linux/smp.h>
-#include <linux/smp_lock.h>
 #include <linux/sem.h>
 #include <linux/msg.h>
 #include <linux/shm.h>
diff --git a/arch/s390/kernel/compat_ptrace.h b/arch/s390/kernel/compat_ptrace.h
index 123dd660d7fb..12b823833510 100644
--- a/arch/s390/kernel/compat_ptrace.h
+++ b/arch/s390/kernel/compat_ptrace.h
@@ -4,40 +4,19 @@
 #include <asm/ptrace.h>    /* needed for NUM_CR_WORDS */
 #include "compat_linux.h"  /* needed for psw_compat_t */
 
-typedef struct {
-        __u32 cr[NUM_CR_WORDS];
-} per_cr_words32;
-
-typedef struct {
-        __u16          perc_atmid;          /* 0x096 */
-        __u32          address;             /* 0x098 */
-        __u8           access_id;           /* 0x0a1 */
-} per_lowcore_words32;
-
-typedef struct {
-        union {
-                per_cr_words32   words;
-        } control_regs;
-        /*
-         * Use these flags instead of setting em_instruction_fetch
-         * directly they are used so that single stepping can be
-         * switched on & off while not affecting other tracing
-         */
-        unsigned  single_step       : 1;
-        unsigned  instruction_fetch : 1;
-        unsigned                    : 30;
-        /*
-         * These addresses are copied into cr10 & cr11 if single
-         * stepping is switched off
-         */
-        __u32     starting_addr;
-        __u32     ending_addr;
-        union {
-                per_lowcore_words32 words;
-        } lowcore; 
-} per_struct32;
+struct compat_per_struct_kernel {
+        __u32 cr9;              /* PER control bits */
+        __u32 cr10;             /* PER starting address */
+        __u32 cr11;             /* PER ending address */
+        __u32 bits;             /* Obsolete software bits */
+        __u32 starting_addr;    /* User specified start address */
+        __u32 ending_addr;      /* User specified end address */
+        __u16 perc_atmid;       /* PER trap ATMID */
+        __u32 address;          /* PER trap instruction address */
+        __u8  access_id;        /* PER trap access identification */
+};
 
-struct user_regs_struct32
+struct compat_user_regs_struct
 {
         psw_compat_t psw;
         u32 gprs[NUM_GPRS];
@@ -50,15 +29,14 @@ struct user_regs_struct32
          * itself as there is no "official" ptrace interface for hardware
          * watchpoints. This is the way intel does it.
          */
-        per_struct32 per_info;
-        u32  ieee_instruction_pointer; 
-        /* Used to give failing instruction back to user for ieee exceptions */
+        struct compat_per_struct_kernel per_info;
+        u32  ieee_instruction_pointer;  /* obsolete, always 0 */
 };
 
-struct user32 {
+struct compat_user {
         /* We start with the registers, to mimic the way that "memory"
            is returned from the ptrace(3,...) function.  */
-        struct user_regs_struct32 regs; /* Where the registers are actually stored */
+        struct compat_user_regs_struct regs;
         /* The rest of this junk is to help gdb figure out what goes where */
         u32 u_tsize;            /* Text segment size (pages). */
         u32 u_dsize;            /* Data segment size (pages). */
@@ -80,6 +58,6 @@ typedef struct
         __u32   len;
         __u32   kernel_addr;
         __u32   process_addr;
-} ptrace_area_emu31;
+} compat_ptrace_area;
 
 #endif /* _PTRACE32_H */
diff --git a/arch/s390/kernel/compat_wrapper.S b/arch/s390/kernel/compat_wrapper.S
index 8e60fb23b90d..1f5eb789c3a7 100644
--- a/arch/s390/kernel/compat_wrapper.S
+++ b/arch/s390/kernel/compat_wrapper.S
@@ -1877,3 +1877,36 @@ sys_prlimit64_wrapper:
         llgtr   %r4,%r4                 # const struct rlimit64 __user *
         llgtr   %r5,%r5                 # struct rlimit64 __user *
         jg      sys_prlimit64           # branch to system call
+
+        .globl  sys_name_to_handle_at_wrapper
+sys_name_to_handle_at_wrapper:
+        lgfr    %r2,%r2                 # int
+        llgtr   %r3,%r3                 # const char __user *
+        llgtr   %r4,%r4                 # struct file_handle __user *
+        llgtr   %r5,%r5                 # int __user *
+        lgfr    %r6,%r6                 # int
+        jg      sys_name_to_handle_at
+
+        .globl  compat_sys_open_by_handle_at_wrapper
+compat_sys_open_by_handle_at_wrapper:
+        lgfr    %r2,%r2                 # int
+        llgtr   %r3,%r3                 # struct file_handle __user *
+        lgfr    %r4,%r4                 # int
+        jg      compat_sys_open_by_handle_at
+
+        .globl  compat_sys_clock_adjtime_wrapper
+compat_sys_clock_adjtime_wrapper:
+        lgfr    %r2,%r2                 # clockid_t (int)
+        llgtr   %r3,%r3                 # struct compat_timex __user *
+        jg      compat_sys_clock_adjtime
+
+        .globl  sys_syncfs_wrapper
+sys_syncfs_wrapper:
+        lgfr    %r2,%r2                 # int
+        jg      sys_syncfs
+
+        .globl  sys_setns_wrapper
+sys_setns_wrapper:
+        lgfr    %r2,%r2                 # int
+        lgfr    %r3,%r3                 # int
+        jg      sys_setns
diff --git a/arch/s390/kernel/debug.c b/arch/s390/kernel/debug.c
index 98192261491d..5ad6bc078bfd 100644
--- a/arch/s390/kernel/debug.c
+++ b/arch/s390/kernel/debug.c
@@ -174,6 +174,7 @@ static const struct file_operations debug_file_ops = {
         .write   = debug_input,
         .open    = debug_open,
         .release = debug_close,
+        .llseek  = no_llseek,
 };
 
 static struct dentry *debug_debugfs_root_entry;
diff --git a/arch/s390/kernel/diag.c b/arch/s390/kernel/diag.c
index c032d11da8a1..8237fc07ac79 100644
--- a/arch/s390/kernel/diag.c
+++ b/arch/s390/kernel/diag.c
@@ -9,27 +9,6 @@
 #include <asm/diag.h>
 
 /*
- * Diagnose 10: Release pages
- */
-void diag10(unsigned long addr)
-{
-        if (addr >= 0x7ff00000)
-                return;
-        asm volatile(
-#ifdef CONFIG_64BIT
-                "       sam31\n"
-                "       diag    %0,%0,0x10\n"
-                "0:     sam64\n"
-#else
-                "       diag    %0,%0,0x10\n"
-                "0:\n"
-#endif
-                EX_TABLE(0b, 0b)
-                : : "a" (addr));
-}
-EXPORT_SYMBOL(diag10);
-
-/*
  * Diagnose 14: Input spool file manipulation
  */
 int diag14(unsigned long rx, unsigned long ry1, unsigned long subcode)
diff --git a/arch/s390/kernel/dis.c b/arch/s390/kernel/dis.c
index b39b27d68b45..1ca3d1d6a86c 100644
--- a/arch/s390/kernel/dis.c
+++ b/arch/s390/kernel/dis.c
@@ -30,9 +30,9 @@
 #include <asm/atomic.h>
 #include <asm/mathemu.h>
 #include <asm/cpcmd.h>
-#include <asm/s390_ext.h>
 #include <asm/lowcore.h>
 #include <asm/debug.h>
+#include <asm/irq.h>
 
 #ifndef CONFIG_64BIT
 #define ONELONG "%08lx: "
@@ -113,7 +113,7 @@ enum {
         INSTR_INVALID,
         INSTR_E,
         INSTR_RIE_R0IU, INSTR_RIE_R0UU, INSTR_RIE_RRP, INSTR_RIE_RRPU,
-        INSTR_RIE_RRUUU, INSTR_RIE_RUPI, INSTR_RIE_RUPU,
+        INSTR_RIE_RRUUU, INSTR_RIE_RUPI, INSTR_RIE_RUPU, INSTR_RIE_RRI0,
         INSTR_RIL_RI, INSTR_RIL_RP, INSTR_RIL_RU, INSTR_RIL_UP,
         INSTR_RIS_R0RDU, INSTR_RIS_R0UU, INSTR_RIS_RURDI, INSTR_RIS_RURDU,
         INSTR_RI_RI, INSTR_RI_RP, INSTR_RI_RU, INSTR_RI_UP,
@@ -122,13 +122,14 @@ enum {
         INSTR_RRE_RR, INSTR_RRE_RR_OPT,
         INSTR_RRF_0UFF, INSTR_RRF_F0FF, INSTR_RRF_F0FF2, INSTR_RRF_F0FR,
         INSTR_RRF_FFRU, INSTR_RRF_FUFF, INSTR_RRF_M0RR, INSTR_RRF_R0RR,
-        INSTR_RRF_RURR, INSTR_RRF_U0FF, INSTR_RRF_U0RF, INSTR_RRF_U0RR,
-        INSTR_RRF_UUFF, INSTR_RRR_F0FF, INSTR_RRS_RRRDU,
+        INSTR_RRF_R0RR2, INSTR_RRF_RURR, INSTR_RRF_U0FF, INSTR_RRF_U0RF,
+        INSTR_RRF_U0RR, INSTR_RRF_UUFF, INSTR_RRR_F0FF, INSTR_RRS_RRRDU,
         INSTR_RR_FF, INSTR_RR_R0, INSTR_RR_RR, INSTR_RR_U0, INSTR_RR_UR,
         INSTR_RSE_CCRD, INSTR_RSE_RRRD, INSTR_RSE_RURD,
         INSTR_RSI_RRP,
         INSTR_RSL_R0RD,
         INSTR_RSY_AARD, INSTR_RSY_CCRD, INSTR_RSY_RRRD, INSTR_RSY_RURD,
+        INSTR_RSY_RDRM,
         INSTR_RS_AARD, INSTR_RS_CCRD, INSTR_RS_R0RD, INSTR_RS_RRRD,
         INSTR_RS_RURD,
         INSTR_RXE_FRRD, INSTR_RXE_RRRD,
@@ -139,7 +140,7 @@ enum {
         INSTR_SIY_IRD, INSTR_SIY_URD,
         INSTR_SI_URD,
         INSTR_SSE_RDRD,
-        INSTR_SSF_RRDRD,
+        INSTR_SSF_RRDRD, INSTR_SSF_RRDRD2,
         INSTR_SS_L0RDRD, INSTR_SS_LIRDRD, INSTR_SS_LLRDRD, INSTR_SS_RRRDRD,
         INSTR_SS_RRRDRD2, INSTR_SS_RRRDRD3,
         INSTR_S_00, INSTR_S_RD,
@@ -152,7 +153,7 @@ struct operand {
 };
 
 struct insn {
-        const char name[6];
+        const char name[5];
         unsigned char opfrag;
         unsigned char format;
 };
@@ -217,6 +218,7 @@ static const unsigned char formats[][7] = {
         [INSTR_RIE_RRP]   = { 0xff, R_8,R_12,J16_16,0,0,0 },
         [INSTR_RIE_RRUUU] = { 0xff, R_8,R_12,U8_16,U8_24,U8_32,0 },
         [INSTR_RIE_RUPI]  = { 0xff, R_8,I8_32,U4_12,J16_16,0,0 },
+        [INSTR_RIE_RRI0]  = { 0xff, R_8,R_12,I16_16,0,0,0 },
         [INSTR_RIL_RI]    = { 0x0f, R_8,I32_16,0,0,0,0 },
         [INSTR_RIL_RP]    = { 0x0f, R_8,J32_16,0,0,0,0 },
         [INSTR_RIL_RU]    = { 0x0f, R_8,U32_16,0,0,0,0 },
@@ -248,6 +250,7 @@ static const unsigned char formats[][7] = {
         [INSTR_RRF_FUFF]  = { 0xff, F_24,F_16,F_28,U4_20,0,0 },
         [INSTR_RRF_M0RR]  = { 0xff, R_24,R_28,M_16,0,0,0 },
         [INSTR_RRF_R0RR]  = { 0xff, R_24,R_16,R_28,0,0,0 },
+        [INSTR_RRF_R0RR2] = { 0xff, R_24,R_28,R_16,0,0,0 },
         [INSTR_RRF_RURR]  = { 0xff, R_24,R_28,R_16,U4_20,0,0 },
         [INSTR_RRF_U0FF]  = { 0xff, F_24,U4_16,F_28,0,0,0 },
         [INSTR_RRF_U0RF]  = { 0xff, R_24,U4_16,F_28,0,0,0 },
@@ -269,6 +272,7 @@ static const unsigned char formats[][7] = {
         [INSTR_RSY_CCRD]  = { 0xff, C_8,C_12,D20_20,B_16,0,0 },
         [INSTR_RSY_RRRD]  = { 0xff, R_8,R_12,D20_20,B_16,0,0 },
         [INSTR_RSY_RURD]  = { 0xff, R_8,U4_12,D20_20,B_16,0,0 },
+        [INSTR_RSY_RDRM]  = { 0xff, R_8,D20_20,B_16,U4_12,0,0 },
         [INSTR_RS_AARD]   = { 0xff, A_8,A_12,D_20,B_16,0,0 },
         [INSTR_RS_CCRD]   = { 0xff, C_8,C_12,D_20,B_16,0,0 },
         [INSTR_RS_R0RD]   = { 0xff, R_8,D_20,B_16,0,0,0 },
@@ -290,6 +294,7 @@ static const unsigned char formats[][7] = {
         [INSTR_SI_URD]    = { 0xff, D_20,B_16,U8_8,0,0,0 },
         [INSTR_SSE_RDRD]  = { 0xff, D_20,B_16,D_36,B_32,0,0 },
         [INSTR_SSF_RRDRD] = { 0x00, D_20,B_16,D_36,B_32,R_8,0 },
+        [INSTR_SSF_RRDRD2]= { 0x00, R_8,D_20,B_16,D_36,B_32,0 },
         [INSTR_SS_L0RDRD] = { 0xff, D_20,L8_8,B_16,D_36,B_32,0 },
         [INSTR_SS_LIRDRD] = { 0xff, D_20,L4_8,B_16,D_36,B_32,U4_12 },
         [INSTR_SS_LLRDRD] = { 0xff, D_20,L4_8,B_16,D_36,L4_12,B_32 },
@@ -300,6 +305,36 @@ static const unsigned char formats[][7] = {
         [INSTR_S_RD]      = { 0xff, D_20,B_16,0,0,0,0 },
 };
 
+enum {
+        LONG_INSN_ALGHSIK,
+        LONG_INSN_ALHSIK,
+        LONG_INSN_CLFHSI,
+        LONG_INSN_CLGFRL,
+        LONG_INSN_CLGHRL,
+        LONG_INSN_CLGHSI,
+        LONG_INSN_CLHHSI,
+        LONG_INSN_LLGFRL,
+        LONG_INSN_LLGHRL,
+        LONG_INSN_POPCNT,
+        LONG_INSN_RISBHG,
+        LONG_INSN_RISBLG,
+};
+
+static char *long_insn_name[] = {
+        [LONG_INSN_ALGHSIK] = "alghsik",
+        [LONG_INSN_ALHSIK] = "alhsik",
+        [LONG_INSN_CLFHSI] = "clfhsi",
+        [LONG_INSN_CLGFRL] = "clgfrl",
+        [LONG_INSN_CLGHRL] = "clghrl",
+        [LONG_INSN_CLGHSI] = "clghsi",
+        [LONG_INSN_CLHHSI] = "clhhsi",
+        [LONG_INSN_LLGFRL] = "llgfrl",
+        [LONG_INSN_LLGHRL] = "llghrl",
+        [LONG_INSN_POPCNT] = "popcnt",
+        [LONG_INSN_RISBHG] = "risbhg",
+        [LONG_INSN_RISBLG] = "risblk",
+};
+
 static struct insn opcode[] = {
 #ifdef CONFIG_64BIT
         { "lmd", 0xef, INSTR_SS_RRRDRD3 },
@@ -637,6 +672,7 @@ static struct insn opcode_b2[] = {
         { "rp", 0x77, INSTR_S_RD },
         { "stcke", 0x78, INSTR_S_RD },
         { "sacf", 0x79, INSTR_S_RD },
+        { "spp", 0x80, INSTR_S_RD },
         { "stsi", 0x7d, INSTR_S_RD },
         { "srnm", 0x99, INSTR_S_RD },
         { "stfpc", 0x9c, INSTR_S_RD },
@@ -881,6 +917,35 @@ static struct insn opcode_b9[] = {
         { "pfmf", 0xaf, INSTR_RRE_RR },
         { "trte", 0xbf, INSTR_RRF_M0RR },
         { "trtre", 0xbd, INSTR_RRF_M0RR },
+        { "ahhhr", 0xc8, INSTR_RRF_R0RR2 },
+        { "shhhr", 0xc9, INSTR_RRF_R0RR2 },
+        { "alhhh", 0xca, INSTR_RRF_R0RR2 },
+        { "alhhl", 0xca, INSTR_RRF_R0RR2 },
+        { "slhhh", 0xcb, INSTR_RRF_R0RR2 },
+        { "chhr ", 0xcd, INSTR_RRE_RR },
+        { "clhhr", 0xcf, INSTR_RRE_RR },
+        { "ahhlr", 0xd8, INSTR_RRF_R0RR2 },
+        { "shhlr", 0xd9, INSTR_RRF_R0RR2 },
+        { "slhhl", 0xdb, INSTR_RRF_R0RR2 },
+        { "chlr", 0xdd, INSTR_RRE_RR },
+        { "clhlr", 0xdf, INSTR_RRE_RR },
+        { { 0, LONG_INSN_POPCNT }, 0xe1, INSTR_RRE_RR },
+        { "locgr", 0xe2, INSTR_RRF_M0RR },
+        { "ngrk", 0xe4, INSTR_RRF_R0RR2 },
+        { "ogrk", 0xe6, INSTR_RRF_R0RR2 },
+        { "xgrk", 0xe7, INSTR_RRF_R0RR2 },
+        { "agrk", 0xe8, INSTR_RRF_R0RR2 },
+        { "sgrk", 0xe9, INSTR_RRF_R0RR2 },
+        { "algrk", 0xea, INSTR_RRF_R0RR2 },
+        { "slgrk", 0xeb, INSTR_RRF_R0RR2 },
+        { "locr", 0xf2, INSTR_RRF_M0RR },
+        { "nrk", 0xf4, INSTR_RRF_R0RR2 },
+        { "ork", 0xf6, INSTR_RRF_R0RR2 },
+        { "xrk", 0xf7, INSTR_RRF_R0RR2 },
+        { "ark", 0xf8, INSTR_RRF_R0RR2 },
+        { "srk", 0xf9, INSTR_RRF_R0RR2 },
+        { "alrk", 0xfa, INSTR_RRF_R0RR2 },
+        { "slrk", 0xfb, INSTR_RRF_R0RR2 },
 #endif
         { "kmac", 0x1e, INSTR_RRE_RR },
         { "lrvr", 0x1f, INSTR_RRE_RR },
@@ -949,9 +1014,9 @@ static struct insn opcode_c4[] = {
         { "lgfrl", 0x0c, INSTR_RIL_RP },
         { "lhrl", 0x05, INSTR_RIL_RP },
         { "lghrl", 0x04, INSTR_RIL_RP },
-        { "llgfrl", 0x0e, INSTR_RIL_RP },
+        { { 0, LONG_INSN_LLGFRL }, 0x0e, INSTR_RIL_RP },
         { "llhrl", 0x02, INSTR_RIL_RP },
-        { "llghrl", 0x06, INSTR_RIL_RP },
+        { { 0, LONG_INSN_LLGHRL }, 0x06, INSTR_RIL_RP },
         { "strl", 0x0f, INSTR_RIL_RP },
         { "stgrl", 0x0b, INSTR_RIL_RP },
         { "sthrl", 0x07, INSTR_RIL_RP },
@@ -968,9 +1033,9 @@ static struct insn opcode_c6[] = {
         { "cghrl", 0x04, INSTR_RIL_RP },
         { "clrl", 0x0f, INSTR_RIL_RP },
         { "clgrl", 0x0a, INSTR_RIL_RP },
-        { "clgfrl", 0x0e, INSTR_RIL_RP },
+        { { 0, LONG_INSN_CLGFRL }, 0x0e, INSTR_RIL_RP },
         { "clhrl", 0x07, INSTR_RIL_RP },
-        { "clghrl", 0x06, INSTR_RIL_RP },
+        { { 0, LONG_INSN_CLGHRL }, 0x06, INSTR_RIL_RP },
         { "pfdrl", 0x02, INSTR_RIL_UP },
         { "exrl", 0x00, INSTR_RIL_RP },
 #endif
@@ -982,6 +1047,20 @@ static struct insn opcode_c8[] = {
         { "mvcos", 0x00, INSTR_SSF_RRDRD },
         { "ectg", 0x01, INSTR_SSF_RRDRD },
         { "csst", 0x02, INSTR_SSF_RRDRD },
+        { "lpd", 0x04, INSTR_SSF_RRDRD2 },
+        { "lpdg ", 0x05, INSTR_SSF_RRDRD2 },
+#endif
+        { "", 0, INSTR_INVALID }
+};
+
+static struct insn opcode_cc[] = {
+#ifdef CONFIG_64BIT
+        { "brcth", 0x06, INSTR_RIL_RP },
+        { "aih", 0x08, INSTR_RIL_RI },
+        { "alsih", 0x0a, INSTR_RIL_RI },
+        { "alsih", 0x0b, INSTR_RIL_RI },
+        { "cih", 0x0d, INSTR_RIL_RI },
+        { "clih ", 0x0f, INSTR_RIL_RI },
 #endif
         { "", 0, INSTR_INVALID }
 };
@@ -1063,6 +1142,16 @@ static struct insn opcode_e3[] = {
         { "mfy", 0x5c, INSTR_RXY_RRRD },
         { "mhy", 0x7c, INSTR_RXY_RRRD },
         { "pfd", 0x36, INSTR_RXY_URRD },
+        { "lbh", 0xc0, INSTR_RXY_RRRD },
+        { "llch", 0xc2, INSTR_RXY_RRRD },
+        { "stch", 0xc3, INSTR_RXY_RRRD },
+        { "lhh", 0xc4, INSTR_RXY_RRRD },
+        { "llhh", 0xc6, INSTR_RXY_RRRD },
+        { "sthh", 0xc7, INSTR_RXY_RRRD },
+        { "lfh", 0xca, INSTR_RXY_RRRD },
+        { "stfh", 0xcb, INSTR_RXY_RRRD },
+        { "chf", 0xcd, INSTR_RXY_RRRD },
+        { "clhf", 0xcf, INSTR_RXY_RRRD },
 #endif
         { "lrv", 0x1e, INSTR_RXY_RRRD },
         { "lrvh", 0x1f, INSTR_RXY_RRRD },
@@ -1080,9 +1169,9 @@ static struct insn opcode_e5[] = {
         { "chhsi", 0x54, INSTR_SIL_RDI },
         { "chsi", 0x5c, INSTR_SIL_RDI },
         { "cghsi", 0x58, INSTR_SIL_RDI },
-        { "clhhsi", 0x55, INSTR_SIL_RDU },
-        { "clfhsi", 0x5d, INSTR_SIL_RDU },
-        { "clghsi", 0x59, INSTR_SIL_RDU },
+        { { 0, LONG_INSN_CLHHSI }, 0x55, INSTR_SIL_RDU },
+        { { 0, LONG_INSN_CLFHSI }, 0x5d, INSTR_SIL_RDU },
+        { { 0, LONG_INSN_CLGHSI }, 0x59, INSTR_SIL_RDU },
         { "mvhhi", 0x44, INSTR_SIL_RDI },
         { "mvhi", 0x4c, INSTR_SIL_RDI },
         { "mvghi", 0x48, INSTR_SIL_RDI },
@@ -1137,6 +1226,24 @@ static struct insn opcode_eb[] = {
         { "alsi", 0x6e, INSTR_SIY_IRD },
         { "algsi", 0x7e, INSTR_SIY_IRD },
         { "ecag", 0x4c, INSTR_RSY_RRRD },
+        { "srak", 0xdc, INSTR_RSY_RRRD },
+        { "slak", 0xdd, INSTR_RSY_RRRD },
+        { "srlk", 0xde, INSTR_RSY_RRRD },
+        { "sllk", 0xdf, INSTR_RSY_RRRD },
+        { "locg", 0xe2, INSTR_RSY_RDRM },
+        { "stocg", 0xe3, INSTR_RSY_RDRM },
+        { "lang", 0xe4, INSTR_RSY_RRRD },
+        { "laog", 0xe6, INSTR_RSY_RRRD },
+        { "laxg", 0xe7, INSTR_RSY_RRRD },
+        { "laag", 0xe8, INSTR_RSY_RRRD },
+        { "laalg", 0xea, INSTR_RSY_RRRD },
+        { "loc", 0xf2, INSTR_RSY_RDRM },
+        { "stoc", 0xf3, INSTR_RSY_RDRM },
+        { "lan", 0xf4, INSTR_RSY_RRRD },
+        { "lao", 0xf6, INSTR_RSY_RRRD },
+        { "lax", 0xf7, INSTR_RSY_RRRD },
+        { "laa", 0xf8, INSTR_RSY_RRRD },
+        { "laal", 0xfa, INSTR_RSY_RRRD },
 #endif
         { "rll", 0x1d, INSTR_RSY_RRRD },
         { "mvclu", 0x8e, INSTR_RSY_RRRD },
@@ -1172,6 +1279,12 @@ static struct insn opcode_ec[] = {
         { "rxsbg", 0x57, INSTR_RIE_RRUUU },
         { "rosbg", 0x56, INSTR_RIE_RRUUU },
         { "risbg", 0x55, INSTR_RIE_RRUUU },
+        { { 0, LONG_INSN_RISBLG }, 0x51, INSTR_RIE_RRUUU },
+        { { 0, LONG_INSN_RISBHG }, 0x5D, INSTR_RIE_RRUUU },
+        { "ahik", 0xd8, INSTR_RIE_RRI0 },
+        { "aghik", 0xd9, INSTR_RIE_RRI0 },
+        { { 0, LONG_INSN_ALHSIK }, 0xda, INSTR_RIE_RRI0 },
+        { { 0, LONG_INSN_ALGHSIK }, 0xdb, INSTR_RIE_RRI0 },
 #endif
         { "", 0, INSTR_INVALID }
 };
@@ -1321,6 +1434,9 @@ static struct insn *find_insn(unsigned char *code)
         case 0xc8:
                 table = opcode_c8;
                 break;
+        case 0xcc:
+                table = opcode_cc;
+                break;
         case 0xe3:
                 table = opcode_e3;
                 opfrag = code[5];
@@ -1367,7 +1483,11 @@ static int print_insn(char *buffer, unsigned char *code, unsigned long addr)
         ptr = buffer;
         insn = find_insn(code);
         if (insn) {
-                ptr += sprintf(ptr, "%.5s\t", insn->name);
+                if (insn->name[0] == '\0')
+                        ptr += sprintf(ptr, "%s\t",
+                                       long_insn_name[(int) insn->name[1]]);
+                else
+                        ptr += sprintf(ptr, "%.5s\t", insn->name);
                 /* Extract the operands. */
                 separator = 0;
                 for (ops = formats[insn->format] + 1, i = 0;
diff --git a/arch/s390/kernel/early.c b/arch/s390/kernel/early.c
index c00856ad4e5a..068f8465c4ee 100644
--- a/arch/s390/kernel/early.c
+++ b/arch/s390/kernel/early.c
@@ -94,6 +94,7 @@ static noinline __init void create_kernel_nss(void)
         unsigned int sinitrd_pfn, einitrd_pfn;
 #endif
         int response;
+        int hlen;
         size_t len;
         char *savesys_ptr;
         char defsys_cmd[DEFSYS_CMD_SIZE];
@@ -124,24 +125,27 @@ static noinline __init void create_kernel_nss(void)
         end_pfn = PFN_UP(__pa(&_end));
         min_size = end_pfn << 2;
 
-        sprintf(defsys_cmd, "DEFSYS %s 00000-%.5X EW %.5X-%.5X SR %.5X-%.5X",
-                kernel_nss_name, stext_pfn - 1, stext_pfn, eshared_pfn - 1,
-                eshared_pfn, end_pfn);
+        hlen = snprintf(defsys_cmd, DEFSYS_CMD_SIZE,
+                        "DEFSYS %s 00000-%.5X EW %.5X-%.5X SR %.5X-%.5X",
+                        kernel_nss_name, stext_pfn - 1, stext_pfn,
+                        eshared_pfn - 1, eshared_pfn, end_pfn);
 
 #ifdef CONFIG_BLK_DEV_INITRD
         if (INITRD_START && INITRD_SIZE) {
                 sinitrd_pfn = PFN_DOWN(__pa(INITRD_START));
                 einitrd_pfn = PFN_UP(__pa(INITRD_START + INITRD_SIZE));
                 min_size = einitrd_pfn << 2;
-                sprintf(defsys_cmd, "%s EW %.5X-%.5X", defsys_cmd,
-                sinitrd_pfn, einitrd_pfn);
+                hlen += snprintf(defsys_cmd + hlen, DEFSYS_CMD_SIZE - hlen,
+                                 " EW %.5X-%.5X", sinitrd_pfn, einitrd_pfn);
         }
 #endif
 
-        sprintf(defsys_cmd, "%s EW MINSIZE=%.7iK PARMREGS=0-13",
-                defsys_cmd, min_size);
-        sprintf(savesys_cmd, "SAVESYS %s \n IPL %s",
-                kernel_nss_name, kernel_nss_name);
+        snprintf(defsys_cmd + hlen, DEFSYS_CMD_SIZE - hlen,
+                 " EW MINSIZE=%.7iK PARMREGS=0-13", min_size);
+        defsys_cmd[DEFSYS_CMD_SIZE - 1] = '\0';
+        snprintf(savesys_cmd, SAVESYS_CMD_SIZE, "SAVESYS %s \n IPL %s",
+                 kernel_nss_name, kernel_nss_name);
+        savesys_cmd[SAVESYS_CMD_SIZE - 1] = '\0';
 
         __cpcmd(defsys_cmd, NULL, 0, &response);
 
@@ -208,7 +212,8 @@ static noinline __init void init_kernel_storage_key(void)
         end_pfn = PFN_UP(__pa(&_end));
 
         for (init_pfn = 0 ; init_pfn < end_pfn; init_pfn++)
-                page_set_storage_key(init_pfn << PAGE_SHIFT, PAGE_DEFAULT_KEY);
+                page_set_storage_key(init_pfn << PAGE_SHIFT,
+                                     PAGE_DEFAULT_KEY, 0);
 }
 
 static __initdata struct sysinfo_3_2_2 vmms __aligned(PAGE_SIZE);
@@ -255,13 +260,33 @@ static noinline __init void setup_lowcore_early(void)
         s390_base_pgm_handler_fn = early_pgm_check_handler;
 }
 
+static noinline __init void setup_facility_list(void)
+{
+        unsigned long nr;
+
+        S390_lowcore.stfl_fac_list = 0;
+        asm volatile(
+                "       .insn   s,0xb2b10000,0(0)\n" /* stfl */
+                "0:\n"
+                EX_TABLE(0b,0b) : "=m" (S390_lowcore.stfl_fac_list));
+        memcpy(&S390_lowcore.stfle_fac_list, &S390_lowcore.stfl_fac_list, 4);
+        nr = 4;                         /* # bytes stored by stfl */
+        if (test_facility(7)) {
+                /* More facility bits available with stfle */
+                register unsigned long reg0 asm("0") = MAX_FACILITY_BIT/64 - 1;
+                asm volatile(".insn s,0xb2b00000,%0" /* stfle */
+                             : "=m" (S390_lowcore.stfle_fac_list), "+d" (reg0)
+                             : : "cc");
+                nr = (reg0 + 1) * 8;    /* # bytes stored by stfle */
+        }
+        memset((char *) S390_lowcore.stfle_fac_list + nr, 0,
+               MAX_FACILITY_BIT/8 - nr);
+}
+
 static noinline __init void setup_hpage(void)
 {
 #ifndef CONFIG_DEBUG_PAGEALLOC
-        unsigned int facilities;
-
-        facilities = stfl();
-        if (!(facilities & (1UL << 23)) || !(facilities & (1UL << 29)))
+        if (!test_facility(2) || !test_facility(8))
                 return;
         S390_lowcore.machine_flags |= MACHINE_FLAG_HPAGE;
         __ctl_set_bit(0, 23);
@@ -355,18 +380,15 @@ static __init void detect_diag44(void)
 static __init void detect_machine_facilities(void)
 {
 #ifdef CONFIG_64BIT
-        unsigned int facilities;
-        unsigned long long facility_bits;
-
-        facilities = stfl();
-        if (facilities & (1 << 28))
+        if (test_facility(3))
                 S390_lowcore.machine_flags |= MACHINE_FLAG_IDTE;
-        if (facilities & (1 << 23))
+        if (test_facility(8))
                 S390_lowcore.machine_flags |= MACHINE_FLAG_PFMF;
-        if (facilities & (1 << 4))
+        if (test_facility(11))
+                S390_lowcore.machine_flags |= MACHINE_FLAG_TOPOLOGY;
+        if (test_facility(27))
                 S390_lowcore.machine_flags |= MACHINE_FLAG_MVCOS;
-        if ((stfle(&facility_bits, 1) > 0) &&
-            (facility_bits & (1ULL << (63 - 40))))
+        if (test_facility(40))
                 S390_lowcore.machine_flags |= MACHINE_FLAG_SPP;
 #endif
 }
@@ -447,6 +469,7 @@ void __init startup_init(void)
         lockdep_off();
         sort_main_extable();
         setup_lowcore_early();
+        setup_facility_list();
         detect_machine_type();
         ipl_update_parameters();
         setup_boot_command_line();
diff --git a/arch/s390/kernel/entry.S b/arch/s390/kernel/entry.S
index bea9ee37ac9d..0476174dfff5 100644
--- a/arch/s390/kernel/entry.S
+++ b/arch/s390/kernel/entry.S
@@ -9,7 +9,6 @@
  *               Heiko Carstens <heiko.carstens@de.ibm.com>
  */
 
-#include <linux/sys.h>
 #include <linux/linkage.h>
 #include <linux/init.h>
 #include <asm/cache.h>
@@ -49,7 +48,7 @@ SP_SVCNR     =	STACK_FRAME_OVERHEAD + __PT_SVCNR
 SP_SIZE      =  STACK_FRAME_OVERHEAD + __PT_SIZE
 
 _TIF_WORK_SVC = (_TIF_SIGPENDING | _TIF_NOTIFY_RESUME | _TIF_NEED_RESCHED | \
-                 _TIF_MCCK_PENDING | _TIF_RESTART_SVC | _TIF_SINGLE_STEP )
+                 _TIF_MCCK_PENDING | _TIF_RESTART_SVC | _TIF_PER_TRAP )
 _TIF_WORK_INT = (_TIF_SIGPENDING | _TIF_NOTIFY_RESUME | _TIF_NEED_RESCHED | \
                  _TIF_MCCK_PENDING)
 _TIF_SYSCALL = (_TIF_SYSCALL_TRACE>>8 | _TIF_SYSCALL_AUDIT>>8 | \
@@ -72,25 +71,9 @@ STACK_SIZE  = 1 << STACK_SHIFT
         l       %r1,BASED(.Ltrace_irq_off_caller)
         basr    %r14,%r1
         .endm
-
-        .macro  TRACE_IRQS_CHECK_ON
-        tm      SP_PSW(%r15),0x03       # irqs enabled?
-        bz      BASED(0f)
-        TRACE_IRQS_ON
-0:
-        .endm
-
-        .macro  TRACE_IRQS_CHECK_OFF
-        tm      SP_PSW(%r15),0x03       # irqs enabled?
-        bz      BASED(0f)
-        TRACE_IRQS_OFF
-0:
-        .endm
 #else
 #define TRACE_IRQS_ON
 #define TRACE_IRQS_OFF
-#define TRACE_IRQS_CHECK_ON
-#define TRACE_IRQS_CHECK_OFF
 #endif
 
 #ifdef CONFIG_LOCKDEP
@@ -126,31 +109,36 @@ STACK_SIZE  = 1 << STACK_SHIFT
 1:      stm     %r10,%r11,\lc_sum
         .endm
 
-        .macro  SAVE_ALL_BASE savearea
+        .macro  SAVE_ALL_SVC psworg,savearea
         stm     %r12,%r15,\savearea
         l       %r13,__LC_SVC_NEW_PSW+4 # load &system_call to %r13
+        l       %r15,__LC_KERNEL_STACK  # problem state -> load ksp
+        s       %r15,BASED(.Lc_spsize)  # make room for registers & psw
         .endm
 
-        .macro  SAVE_ALL_SVC psworg,savearea
-        la      %r12,\psworg
-        l       %r15,__LC_KERNEL_STACK  # problem state -> load ksp
+        .macro  SAVE_ALL_BASE savearea
+        stm     %r12,%r15,\savearea
+        l       %r13,__LC_SVC_NEW_PSW+4 # load &system_call to %r13
         .endm
 
-        .macro  SAVE_ALL_SYNC psworg,savearea
-        la      %r12,\psworg
+        .macro  SAVE_ALL_PGM psworg,savearea
         tm      \psworg+1,0x01          # test problem state bit
-        bz      BASED(2f)               # skip stack setup save
-        l       %r15,__LC_KERNEL_STACK  # problem state -> load ksp
 #ifdef CONFIG_CHECK_STACK
-        b       BASED(3f)
-2:      tml     %r15,STACK_SIZE - CONFIG_STACK_GUARD
-        bz      BASED(stack_overflow)
-3:
+        bnz     BASED(1f)
+        tml     %r15,STACK_SIZE - CONFIG_STACK_GUARD
+        bnz     BASED(2f)
+        la      %r12,\psworg
+        b       BASED(stack_overflow)
+#else
+        bz      BASED(2f)
 #endif
-2:
+1:      l       %r15,__LC_KERNEL_STACK  # problem state -> load ksp
+2:      s       %r15,BASED(.Lc_spsize)  # make room for registers & psw
         .endm
 
         .macro  SAVE_ALL_ASYNC psworg,savearea
+        stm     %r12,%r15,\savearea
+        l       %r13,__LC_SVC_NEW_PSW+4 # load &system_call to %r13
         la      %r12,\psworg
         tm      \psworg+1,0x01          # test problem state bit
         bnz     BASED(1f)               # from user -> load async stack
@@ -165,27 +153,23 @@ STACK_SIZE  = 1 << STACK_SHIFT
 0:      l       %r14,__LC_ASYNC_STACK   # are we already on the async stack ?
         slr     %r14,%r15
         sra     %r14,STACK_SHIFT
-        be      BASED(2f)
-1:      l       %r15,__LC_ASYNC_STACK
 #ifdef CONFIG_CHECK_STACK
-        b       BASED(3f)
-2:      tml     %r15,STACK_SIZE - CONFIG_STACK_GUARD
-        bz      BASED(stack_overflow)
-3:
+        bnz     BASED(1f)
+        tml     %r15,STACK_SIZE - CONFIG_STACK_GUARD
+        bnz     BASED(2f)
+        b       BASED(stack_overflow)
+#else
+        bz      BASED(2f)
 #endif
-2:
+1:      l       %r15,__LC_ASYNC_STACK
+2:      s       %r15,BASED(.Lc_spsize)  # make room for registers & psw
         .endm
 
-        .macro  CREATE_STACK_FRAME psworg,savearea
-        s       %r15,BASED(.Lc_spsize)  # make room for registers & psw
-        mvc     SP_PSW(8,%r15),0(%r12)  # move user PSW to stack
+        .macro  CREATE_STACK_FRAME savearea
+        xc      __SF_BACKCHAIN(4,%r15),__SF_BACKCHAIN(%r15)
         st      %r2,SP_ORIG_R2(%r15)    # store original content of gpr 2
-        icm     %r12,12,__LC_SVC_ILC
-        stm     %r0,%r11,SP_R0(%r15)    # store gprs %r0-%r11 to kernel stack
-        st      %r12,SP_ILC(%r15)
         mvc     SP_R12(16,%r15),\savearea # move %r12-%r15 to stack
-        la      %r12,0
-        st      %r12,__SF_BACKCHAIN(%r15)       # clear back chain
+        stm     %r0,%r11,SP_R0(%r15)    # store gprs %r0-%r11 to kernel stack
         .endm
 
         .macro  RESTORE_ALL psworg,sync
@@ -198,6 +182,14 @@ STACK_SIZE  = 1 << STACK_SHIFT
         lpsw    \psworg                 # back to caller
         .endm
 
+        .macro REENABLE_IRQS
+        mvc     __SF_EMPTY(1,%r15),SP_PSW(%r15)
+        ni      __SF_EMPTY(%r15),0xbf
+        ssm     __SF_EMPTY(%r15)
+        .endm
+
+        .section .kprobes.text, "ax"
+
 /*
  * Scheduler resume function, called by switch_to
  *  gpr2 = (task_struct *) prev
@@ -208,31 +200,22 @@ STACK_SIZE  = 1 << STACK_SHIFT
         .globl  __switch_to
 __switch_to:
         basr    %r1,0
-__switch_to_base:
-        tm      __THREAD_per(%r3),0xe8          # new process is using per ?
-        bz      __switch_to_noper-__switch_to_base(%r1) # if not we're fine
-        stctl   %c9,%c11,__SF_EMPTY(%r15)       # We are using per stuff
-        clc     __THREAD_per(12,%r3),__SF_EMPTY(%r15)
-        be      __switch_to_noper-__switch_to_base(%r1) # we got away w/o bashing TLB's
-        lctl    %c9,%c11,__THREAD_per(%r3)      # Nope we didn't
-__switch_to_noper:
-        l       %r4,__THREAD_info(%r2)          # get thread_info of prev
+0:      l       %r4,__THREAD_info(%r2)          # get thread_info of prev
+        l       %r5,__THREAD_info(%r3)          # get thread_info of next
         tm      __TI_flags+3(%r4),_TIF_MCCK_PENDING # machine check pending?
-        bz      __switch_to_no_mcck-__switch_to_base(%r1)
-        ni      __TI_flags+3(%r4),255-_TIF_MCCK_PENDING # clear flag in prev
-        l       %r4,__THREAD_info(%r3)          # get thread_info of next
-        oi      __TI_flags+3(%r4),_TIF_MCCK_PENDING # set it in next
-__switch_to_no_mcck:
-        stm     %r6,%r15,__SF_GPRS(%r15)# store __switch_to registers of prev task
-        st      %r15,__THREAD_ksp(%r2)  # store kernel stack to prev->tss.ksp
-        l       %r15,__THREAD_ksp(%r3)  # load kernel stack from next->tss.ksp
-        lm      %r6,%r15,__SF_GPRS(%r15)# load __switch_to registers of next task
-        st      %r3,__LC_CURRENT        # __LC_CURRENT = current task struct
-        lctl    %c4,%c4,__TASK_pid(%r3) # load pid to control reg. 4
-        l       %r3,__THREAD_info(%r3)  # load thread_info from task struct
-        st      %r3,__LC_THREAD_INFO
-        ahi     %r3,STACK_SIZE
-        st      %r3,__LC_KERNEL_STACK   # __LC_KERNEL_STACK = new kernel stack
+        bz      1f-0b(%r1)
+        ni      __TI_flags+3(%r4),255-_TIF_MCCK_PENDING # clear flag in prev
+        oi      __TI_flags+3(%r5),_TIF_MCCK_PENDING     # set it in next
+1:      stm     %r6,%r15,__SF_GPRS(%r15)        # store gprs of prev task
+        st      %r15,__THREAD_ksp(%r2)          # store kernel stack of prev
+        l       %r15,__THREAD_ksp(%r3)          # load kernel stack of next
+        lctl    %c4,%c4,__TASK_pid(%r3)         # load pid to control reg. 4
+        lm      %r6,%r15,__SF_GPRS(%r15)        # load gprs of next task
+        st      %r3,__LC_CURRENT                # store task struct of next
+        mvc     __LC_CURRENT_PID(4,%r0),__TASK_pid(%r3) # store pid of next
+        st      %r5,__LC_THREAD_INFO            # store thread info of next
+        ahi     %r5,STACK_SIZE                  # end of kernel stack of next
+        st      %r5,__LC_KERNEL_STACK           # store end of kernel stack
         br      %r14
 
 __critical_start:
@@ -245,10 +228,11 @@ __critical_start:
 system_call:
         stpt    __LC_SYNC_ENTER_TIMER
 sysc_saveall:
-        SAVE_ALL_BASE __LC_SAVE_AREA
         SAVE_ALL_SVC __LC_SVC_OLD_PSW,__LC_SAVE_AREA
-        CREATE_STACK_FRAME __LC_SVC_OLD_PSW,__LC_SAVE_AREA
-        lh      %r7,0x8a          # get svc number from lowcore
+        CREATE_STACK_FRAME __LC_SAVE_AREA
+        mvc     SP_PSW(8,%r15),__LC_SVC_OLD_PSW
+        mvc     SP_ILC(4,%r15),__LC_SVC_ILC
+        l       %r12,__LC_THREAD_INFO   # load pointer to thread_info struct
 sysc_vtime:
         UPDATE_VTIME __LC_EXIT_TIMER,__LC_SYNC_ENTER_TIMER,__LC_USER_TIMER
 sysc_stime:
@@ -256,21 +240,20 @@ sysc_stime:
 sysc_update:
         mvc     __LC_LAST_UPDATE_TIMER(8),__LC_SYNC_ENTER_TIMER
 sysc_do_svc:
-        l       %r9,__LC_THREAD_INFO    # load pointer to thread_info struct
-        ltr     %r7,%r7                 # test for svc 0
+        xr      %r7,%r7
+        icm     %r7,3,SP_SVCNR(%r15)    # load svc number and test for svc 0
         bnz     BASED(sysc_nr_ok)       # svc number > 0
         # svc 0: system call number in %r1
         cl      %r1,BASED(.Lnr_syscalls)
         bnl     BASED(sysc_nr_ok)
+        sth     %r1,SP_SVCNR(%r15)
         lr      %r7,%r1           # copy svc number to %r7
 sysc_nr_ok:
-        mvc     SP_ARGS(4,%r15),SP_R7(%r15)
-sysc_do_restart:
-        sth     %r7,SP_SVCNR(%r15)
         sll     %r7,2             # svc number *4
-        l       %r8,BASED(.Lsysc_table)
-        tm      __TI_flags+2(%r9),_TIF_SYSCALL
-        l       %r8,0(%r7,%r8)    # get system call addr.
+        l       %r10,BASED(.Lsysc_table)
+        tm      __TI_flags+2(%r12),_TIF_SYSCALL
+        mvc     SP_ARGS(4,%r15),SP_R7(%r15)
+        l       %r8,0(%r7,%r10)   # get system call addr.
         bnz     BASED(sysc_tracesys)
         basr    %r14,%r8          # call sys_xxxx
         st      %r2,SP_R2(%r15)   # store return value (change R2 on stack)
@@ -278,7 +261,7 @@ sysc_do_restart:
 sysc_return:
         LOCKDEP_SYS_EXIT
 sysc_tif:
-        tm      __TI_flags+3(%r9),_TIF_WORK_SVC
+        tm      __TI_flags+3(%r12),_TIF_WORK_SVC
         bnz     BASED(sysc_work)  # there is work to do (signals etc.)
 sysc_restore:
         RESTORE_ALL __LC_RETURN_PSW,1
@@ -295,17 +278,17 @@ sysc_work:
 # One of the work bits is on. Find out which one.
 #
 sysc_work_tif:
-        tm      __TI_flags+3(%r9),_TIF_MCCK_PENDING
+        tm      __TI_flags+3(%r12),_TIF_MCCK_PENDING
         bo      BASED(sysc_mcck_pending)
-        tm      __TI_flags+3(%r9),_TIF_NEED_RESCHED
+        tm      __TI_flags+3(%r12),_TIF_NEED_RESCHED
         bo      BASED(sysc_reschedule)
-        tm      __TI_flags+3(%r9),_TIF_SIGPENDING
+        tm      __TI_flags+3(%r12),_TIF_SIGPENDING
         bo      BASED(sysc_sigpending)
-        tm      __TI_flags+3(%r9),_TIF_NOTIFY_RESUME
+        tm      __TI_flags+3(%r12),_TIF_NOTIFY_RESUME
         bo      BASED(sysc_notify_resume)
-        tm      __TI_flags+3(%r9),_TIF_RESTART_SVC
+        tm      __TI_flags+3(%r12),_TIF_RESTART_SVC
         bo      BASED(sysc_restart)
-        tm      __TI_flags+3(%r9),_TIF_SINGLE_STEP
+        tm      __TI_flags+3(%r12),_TIF_PER_TRAP
         bo      BASED(sysc_singlestep)
         b       BASED(sysc_return)      # beware of critical section cleanup
 
@@ -329,13 +312,13 @@ sysc_mcck_pending:
 # _TIF_SIGPENDING is set, call do_signal
 #
 sysc_sigpending:
-        ni      __TI_flags+3(%r9),255-_TIF_SINGLE_STEP # clear TIF_SINGLE_STEP
+        ni      __TI_flags+3(%r12),255-_TIF_PER_TRAP # clear TIF_PER_TRAP
         la      %r2,SP_PTREGS(%r15)     # load pt_regs
         l       %r1,BASED(.Ldo_signal)
         basr    %r14,%r1                # call do_signal
-        tm      __TI_flags+3(%r9),_TIF_RESTART_SVC
+        tm      __TI_flags+3(%r12),_TIF_RESTART_SVC
         bo      BASED(sysc_restart)
-        tm      __TI_flags+3(%r9),_TIF_SINGLE_STEP
+        tm      __TI_flags+3(%r12),_TIF_PER_TRAP
         bo      BASED(sysc_singlestep)
         b       BASED(sysc_return)
 
@@ -353,23 +336,23 @@ sysc_notify_resume:
 # _TIF_RESTART_SVC is set, set up registers and restart svc
 #
 sysc_restart:
-        ni      __TI_flags+3(%r9),255-_TIF_RESTART_SVC # clear TIF_RESTART_SVC
+        ni      __TI_flags+3(%r12),255-_TIF_RESTART_SVC # clear TIF_RESTART_SVC
         l       %r7,SP_R2(%r15)         # load new svc number
         mvc     SP_R2(4,%r15),SP_ORIG_R2(%r15) # restore first argument
         lm      %r2,%r6,SP_R2(%r15)     # load svc arguments
-        b       BASED(sysc_do_restart)  # restart svc
+        sth     %r7,SP_SVCNR(%r15)
+        b       BASED(sysc_nr_ok)       # restart svc
 
 #
-# _TIF_SINGLE_STEP is set, call do_single_step
+# _TIF_PER_TRAP is set, call do_per_trap
 #
 sysc_singlestep:
-        ni      __TI_flags+3(%r9),255-_TIF_SINGLE_STEP # clear TIF_SINGLE_STEP
-        mvi     SP_SVCNR(%r15),0xff     # set trap indication to pgm check
-        mvi     SP_SVCNR+1(%r15),0xff
+        ni      __TI_flags+3(%r12),255-_TIF_PER_TRAP # clear TIF_PER_TRAP
+        xc      SP_SVCNR(2,%r15),SP_SVCNR(%r15)         # clear svc number
         la      %r2,SP_PTREGS(%r15)     # address of register-save area
         l       %r1,BASED(.Lhandle_per) # load adr. of per handler
         la      %r14,BASED(sysc_return) # load adr. of system return
-        br      %r1                     # branch to do_single_step
+        br      %r1                     # branch to do_per_trap
 
 #
 # call tracehook_report_syscall_entry/tracehook_report_syscall_exit before
@@ -379,22 +362,23 @@ sysc_tracesys:
         l       %r1,BASED(.Ltrace_entry)
         la      %r2,SP_PTREGS(%r15)     # load pt_regs
         la      %r3,0
-        srl     %r7,2
-        st      %r7,SP_R2(%r15)
+        xr      %r0,%r0
+        icm     %r0,3,SP_SVCNR(%r15)
+        st      %r0,SP_R2(%r15)
         basr    %r14,%r1
         cl      %r2,BASED(.Lnr_syscalls)
         bnl     BASED(sysc_tracenogo)
-        l       %r8,BASED(.Lsysc_table)
         lr      %r7,%r2
         sll     %r7,2                   # svc number *4
-        l       %r8,0(%r7,%r8)
+        l       %r8,0(%r7,%r10)
 sysc_tracego:
         lm      %r3,%r6,SP_R3(%r15)
+        mvc     SP_ARGS(4,%r15),SP_R7(%r15)
         l       %r2,SP_ORIG_R2(%r15)
         basr    %r14,%r8                # call sys_xxx
         st      %r2,SP_R2(%r15)         # store return value
 sysc_tracenogo:
-        tm      __TI_flags+2(%r9),_TIF_SYSCALL
+        tm      __TI_flags+2(%r12),_TIF_SYSCALL
         bz      BASED(sysc_return)
         l       %r1,BASED(.Ltrace_exit)
         la      %r2,SP_PTREGS(%r15)     # load pt_regs
@@ -407,7 +391,7 @@ sysc_tracenogo:
         .globl  ret_from_fork
 ret_from_fork:
         l       %r13,__LC_SVC_NEW_PSW+4
-        l       %r9,__LC_THREAD_INFO    # load pointer to thread_info struct
+        l       %r12,__LC_THREAD_INFO   # load pointer to thread_info struct
         tm      SP_PSW+1(%r15),0x01     # forking a kernel thread ?
         bo      BASED(0f)
         st      %r15,SP_R15(%r15)       # store stack pointer for new kthread
@@ -440,13 +424,11 @@ kernel_execve:
         br      %r14
         # execve succeeded.
 0:      stnsm   __SF_EMPTY(%r15),0xfc   # disable interrupts
-        TRACE_IRQS_OFF
         l       %r15,__LC_KERNEL_STACK  # load ksp
         s       %r15,BASED(.Lc_spsize)  # make room for registers & psw
-        l       %r9,__LC_THREAD_INFO
         mvc     SP_PTREGS(__PT_SIZE,%r15),0(%r12)       # copy pt_regs
+        l       %r12,__LC_THREAD_INFO
         xc      __SF_BACKCHAIN(4,%r15),__SF_BACKCHAIN(%r15)
-        TRACE_IRQS_ON
         stosm   __SF_EMPTY(%r15),0x03   # reenable interrupts
         l       %r1,BASED(.Lexecve_tail)
         basr    %r14,%r1
@@ -475,27 +457,28 @@ pgm_check_handler:
         SAVE_ALL_BASE __LC_SAVE_AREA
         tm      __LC_PGM_INT_CODE+1,0x80 # check whether we got a per exception
         bnz     BASED(pgm_per)          # got per exception -> special case
-        SAVE_ALL_SYNC __LC_PGM_OLD_PSW,__LC_SAVE_AREA
-        CREATE_STACK_FRAME __LC_PGM_OLD_PSW,__LC_SAVE_AREA
+        SAVE_ALL_PGM __LC_PGM_OLD_PSW,__LC_SAVE_AREA
+        CREATE_STACK_FRAME __LC_SAVE_AREA
+        xc      SP_ILC(4,%r15),SP_ILC(%r15)
+        mvc     SP_PSW(8,%r15),__LC_PGM_OLD_PSW
+        l       %r12,__LC_THREAD_INFO   # load pointer to thread_info struct
         tm      SP_PSW+1(%r15),0x01     # interrupting from user ?
         bz      BASED(pgm_no_vtime)
         UPDATE_VTIME __LC_EXIT_TIMER,__LC_SYNC_ENTER_TIMER,__LC_USER_TIMER
         UPDATE_VTIME __LC_LAST_UPDATE_TIMER,__LC_EXIT_TIMER,__LC_SYSTEM_TIMER
         mvc     __LC_LAST_UPDATE_TIMER(8),__LC_SYNC_ENTER_TIMER
 pgm_no_vtime:
-        TRACE_IRQS_CHECK_OFF
-        l       %r9,__LC_THREAD_INFO    # load pointer to thread_info struct
         l       %r3,__LC_PGM_ILC        # load program interruption code
+        l       %r4,__LC_TRANS_EXC_CODE
+        REENABLE_IRQS
         la      %r8,0x7f
         nr      %r8,%r3
-pgm_do_call:
-        l       %r7,BASED(.Ljump_table)
         sll     %r8,2
-        l       %r7,0(%r8,%r7)          # load address of handler routine
+        l       %r1,BASED(.Ljump_table)
+        l       %r1,0(%r8,%r1)          # load address of handler routine
         la      %r2,SP_PTREGS(%r15)     # address of register-save area
-        basr    %r14,%r7                # branch to interrupt-handler
+        basr    %r14,%r1                # branch to interrupt-handler
 pgm_exit:
-        TRACE_IRQS_CHECK_ON
         b       BASED(sysc_return)
 
 #
@@ -515,55 +498,54 @@ pgm_per:
 # Normal per exception
 #
 pgm_per_std:
-        SAVE_ALL_SYNC __LC_PGM_OLD_PSW,__LC_SAVE_AREA
-        CREATE_STACK_FRAME __LC_PGM_OLD_PSW,__LC_SAVE_AREA
+        SAVE_ALL_PGM __LC_PGM_OLD_PSW,__LC_SAVE_AREA
+        CREATE_STACK_FRAME __LC_SAVE_AREA
+        mvc     SP_PSW(8,%r15),__LC_PGM_OLD_PSW
+        l       %r12,__LC_THREAD_INFO   # load pointer to thread_info struct
         tm      SP_PSW+1(%r15),0x01     # interrupting from user ?
         bz      BASED(pgm_no_vtime2)
         UPDATE_VTIME __LC_EXIT_TIMER,__LC_SYNC_ENTER_TIMER,__LC_USER_TIMER
         UPDATE_VTIME __LC_LAST_UPDATE_TIMER,__LC_EXIT_TIMER,__LC_SYSTEM_TIMER
         mvc     __LC_LAST_UPDATE_TIMER(8),__LC_SYNC_ENTER_TIMER
 pgm_no_vtime2:
-        TRACE_IRQS_CHECK_OFF
-        l       %r9,__LC_THREAD_INFO    # load pointer to thread_info struct
-        l       %r1,__TI_task(%r9)
+        l       %r1,__TI_task(%r12)
         tm      SP_PSW+1(%r15),0x01     # kernel per event ?
         bz      BASED(kernel_per)
-        mvc     __THREAD_per+__PER_atmid(2,%r1),__LC_PER_ATMID
-        mvc     __THREAD_per+__PER_address(4,%r1),__LC_PER_ADDRESS
-        mvc     __THREAD_per+__PER_access_id(1,%r1),__LC_PER_ACCESS_ID
-        oi      __TI_flags+3(%r9),_TIF_SINGLE_STEP # set TIF_SINGLE_STEP
+        mvc     __THREAD_per_cause(2,%r1),__LC_PER_CAUSE
+        mvc     __THREAD_per_address(4,%r1),__LC_PER_ADDRESS
+        mvc     __THREAD_per_paid(1,%r1),__LC_PER_PAID
+        oi      __TI_flags+3(%r12),_TIF_PER_TRAP # set TIF_PER_TRAP
         l       %r3,__LC_PGM_ILC        # load program interruption code
+        l       %r4,__LC_TRANS_EXC_CODE
+        REENABLE_IRQS
         la      %r8,0x7f
         nr      %r8,%r3                 # clear per-event-bit and ilc
         be      BASED(pgm_exit2)        # only per or per+check ?
-        l       %r7,BASED(.Ljump_table)
         sll     %r8,2
-        l       %r7,0(%r8,%r7)          # load address of handler routine
+        l       %r1,BASED(.Ljump_table)
+        l       %r1,0(%r8,%r1)          # load address of handler routine
         la      %r2,SP_PTREGS(%r15)     # address of register-save area
-        basr    %r14,%r7                # branch to interrupt-handler
+        basr    %r14,%r1                # branch to interrupt-handler
 pgm_exit2:
-        TRACE_IRQS_ON
-        stosm   __SF_EMPTY(%r15),0x03   # reenable interrupts
         b       BASED(sysc_return)
 
 #
 # it was a single stepped SVC that is causing all the trouble
 #
 pgm_svcper:
-        SAVE_ALL_SYNC __LC_SVC_OLD_PSW,__LC_SAVE_AREA
-        CREATE_STACK_FRAME __LC_SVC_OLD_PSW,__LC_SAVE_AREA
+        SAVE_ALL_PGM __LC_SVC_OLD_PSW,__LC_SAVE_AREA
+        CREATE_STACK_FRAME __LC_SAVE_AREA
+        mvc     SP_PSW(8,%r15),__LC_SVC_OLD_PSW
+        mvc     SP_ILC(4,%r15),__LC_SVC_ILC
+        l       %r12,__LC_THREAD_INFO   # load pointer to thread_info struct
         UPDATE_VTIME __LC_EXIT_TIMER,__LC_SYNC_ENTER_TIMER,__LC_USER_TIMER
         UPDATE_VTIME __LC_LAST_UPDATE_TIMER,__LC_EXIT_TIMER,__LC_SYSTEM_TIMER
         mvc     __LC_LAST_UPDATE_TIMER(8),__LC_SYNC_ENTER_TIMER
-        lh      %r7,0x8a                # get svc number from lowcore
-        l       %r9,__LC_THREAD_INFO    # load pointer to thread_info struct
-        TRACE_IRQS_OFF
-        l       %r8,__TI_task(%r9)
-        mvc     __THREAD_per+__PER_atmid(2,%r8),__LC_PER_ATMID
-        mvc     __THREAD_per+__PER_address(4,%r8),__LC_PER_ADDRESS
-        mvc     __THREAD_per+__PER_access_id(1,%r8),__LC_PER_ACCESS_ID
-        oi      __TI_flags+3(%r9),_TIF_SINGLE_STEP # set TIF_SINGLE_STEP
-        TRACE_IRQS_ON
+        l       %r8,__TI_task(%r12)
+        mvc     __THREAD_per_cause(2,%r8),__LC_PER_CAUSE
+        mvc     __THREAD_per_address(4,%r8),__LC_PER_ADDRESS
+        mvc     __THREAD_per_paid(1,%r8),__LC_PER_PAID
+        oi      __TI_flags+3(%r12),_TIF_PER_TRAP # set TIF_PER_TRAP
         stosm   __SF_EMPTY(%r15),0x03   # reenable interrupts
         lm      %r2,%r6,SP_R2(%r15)     # load svc arguments
         b       BASED(sysc_do_svc)
@@ -572,8 +554,8 @@ pgm_svcper:
 # per was called from kernel, must be kprobes
 #
 kernel_per:
-        mvi     SP_SVCNR(%r15),0xff     # set trap indication to pgm check
-        mvi     SP_SVCNR+1(%r15),0xff
+        REENABLE_IRQS
+        xc      SP_SVCNR(2,%r15),SP_SVCNR(%r15)
         la      %r2,SP_PTREGS(%r15)     # address of register-save area
         l       %r1,BASED(.Lhandle_per) # load adr. of per handler
         basr    %r14,%r1                # branch to do_single_step
@@ -587,9 +569,10 @@ kernel_per:
 io_int_handler:
         stck    __LC_INT_CLOCK
         stpt    __LC_ASYNC_ENTER_TIMER
-        SAVE_ALL_BASE __LC_SAVE_AREA+16
         SAVE_ALL_ASYNC __LC_IO_OLD_PSW,__LC_SAVE_AREA+16
-        CREATE_STACK_FRAME __LC_IO_OLD_PSW,__LC_SAVE_AREA+16
+        CREATE_STACK_FRAME __LC_SAVE_AREA+16
+        mvc     SP_PSW(8,%r15),0(%r12)  # move user PSW to stack
+        l       %r12,__LC_THREAD_INFO   # load pointer to thread_info struct
         tm      SP_PSW+1(%r15),0x01     # interrupting from user ?
         bz      BASED(io_no_vtime)
         UPDATE_VTIME __LC_EXIT_TIMER,__LC_ASYNC_ENTER_TIMER,__LC_USER_TIMER
@@ -597,7 +580,6 @@ io_int_handler:
         mvc     __LC_LAST_UPDATE_TIMER(8),__LC_ASYNC_ENTER_TIMER
 io_no_vtime:
         TRACE_IRQS_OFF
-        l       %r9,__LC_THREAD_INFO    # load pointer to thread_info struct
         l       %r1,BASED(.Ldo_IRQ)     # load address of do_IRQ
         la      %r2,SP_PTREGS(%r15)     # address of register-save area
         basr    %r14,%r1                # branch to standard irq handler
@@ -605,7 +587,7 @@ io_return:
         LOCKDEP_SYS_EXIT
         TRACE_IRQS_ON
 io_tif:
-        tm      __TI_flags+3(%r9),_TIF_WORK_INT
+        tm      __TI_flags+3(%r12),_TIF_WORK_INT
         bnz     BASED(io_work)          # there is work to do (signals etc.)
 io_restore:
         RESTORE_ALL __LC_RETURN_PSW,0
@@ -623,9 +605,9 @@ io_work:
         bo      BASED(io_work_user)     # yes -> do resched & signal
 #ifdef CONFIG_PREEMPT
         # check for preemptive scheduling
-        icm     %r0,15,__TI_precount(%r9)
+        icm     %r0,15,__TI_precount(%r12)
         bnz     BASED(io_restore)       # preemption disabled
-        tm      __TI_flags+3(%r9),_TIF_NEED_RESCHED
+        tm      __TI_flags+3(%r12),_TIF_NEED_RESCHED
         bno     BASED(io_restore)
         # switch to kernel stack
         l       %r1,SP_R15(%r15)
@@ -659,13 +641,13 @@ io_work_user:
 #               and _TIF_MCCK_PENDING
 #
 io_work_tif:
-        tm      __TI_flags+3(%r9),_TIF_MCCK_PENDING
+        tm      __TI_flags+3(%r12),_TIF_MCCK_PENDING
         bo      BASED(io_mcck_pending)
-        tm      __TI_flags+3(%r9),_TIF_NEED_RESCHED
+        tm      __TI_flags+3(%r12),_TIF_NEED_RESCHED
         bo      BASED(io_reschedule)
-        tm      __TI_flags+3(%r9),_TIF_SIGPENDING
+        tm      __TI_flags+3(%r12),_TIF_SIGPENDING
         bo      BASED(io_sigpending)
-        tm      __TI_flags+3(%r9),_TIF_NOTIFY_RESUME
+        tm      __TI_flags+3(%r12),_TIF_NOTIFY_RESUME
         bo      BASED(io_notify_resume)
         b       BASED(io_return)        # beware of critical section cleanup
 
@@ -725,19 +707,20 @@ io_notify_resume:
 ext_int_handler:
         stck    __LC_INT_CLOCK
         stpt    __LC_ASYNC_ENTER_TIMER
-        SAVE_ALL_BASE __LC_SAVE_AREA+16
         SAVE_ALL_ASYNC __LC_EXT_OLD_PSW,__LC_SAVE_AREA+16
-        CREATE_STACK_FRAME __LC_EXT_OLD_PSW,__LC_SAVE_AREA+16
+        CREATE_STACK_FRAME __LC_SAVE_AREA+16
+        mvc     SP_PSW(8,%r15),0(%r12)  # move user PSW to stack
+        l       %r12,__LC_THREAD_INFO   # load pointer to thread_info struct
         tm      SP_PSW+1(%r15),0x01     # interrupting from user ?
         bz      BASED(ext_no_vtime)
         UPDATE_VTIME __LC_EXIT_TIMER,__LC_ASYNC_ENTER_TIMER,__LC_USER_TIMER
         UPDATE_VTIME __LC_LAST_UPDATE_TIMER,__LC_EXIT_TIMER,__LC_SYSTEM_TIMER
         mvc     __LC_LAST_UPDATE_TIMER(8),__LC_ASYNC_ENTER_TIMER
 ext_no_vtime:
-        l       %r9,__LC_THREAD_INFO    # load pointer to thread_info struct
         TRACE_IRQS_OFF
         la      %r2,SP_PTREGS(%r15)     # address of register-save area
-        lh      %r3,__LC_EXT_INT_CODE   # get interruption code
+        l       %r3,__LC_CPU_ADDRESS    # get cpu address + interruption code
+        l       %r4,__LC_EXT_PARAMS     # get external parameters
         l       %r1,BASED(.Ldo_extint)
         basr    %r14,%r1
         b       BASED(io_return)
@@ -788,7 +771,10 @@ mcck_int_main:
         sra     %r14,PAGE_SHIFT
         be      BASED(0f)
         l       %r15,__LC_PANIC_STACK   # load panic stack
-0:      CREATE_STACK_FRAME __LC_MCK_OLD_PSW,__LC_SAVE_AREA+32
+0:      s       %r15,BASED(.Lc_spsize)  # make room for registers & psw
+        CREATE_STACK_FRAME __LC_SAVE_AREA+32
+        mvc     SP_PSW(8,%r15),0(%r12)
+        l       %r12,__LC_THREAD_INFO   # load pointer to thread_info struct
         tm      __LC_MCCK_CODE+2,0x08   # mwp of old psw valid?
         bno     BASED(mcck_no_vtime)    # no -> skip cleanup critical
         tm      SP_PSW+1(%r15),0x01     # interrupting from user ?
@@ -797,7 +783,6 @@ mcck_int_main:
         UPDATE_VTIME __LC_LAST_UPDATE_TIMER,__LC_EXIT_TIMER,__LC_SYSTEM_TIMER
         mvc     __LC_LAST_UPDATE_TIMER(8),__LC_MCCK_ENTER_TIMER
 mcck_no_vtime:
-        l       %r9,__LC_THREAD_INFO    # load pointer to thread_info struct
         la      %r2,SP_PTREGS(%r15)     # load pt_regs
         l       %r1,BASED(.Ls390_mcck)
         basr    %r14,%r1                # call machine check handler
@@ -809,7 +794,7 @@ mcck_no_vtime:
         xc      __SF_BACKCHAIN(4,%r1),__SF_BACKCHAIN(%r1) # clear back chain
         lr      %r15,%r1
         stosm   __SF_EMPTY(%r15),0x04   # turn dat on
-        tm      __TI_flags+3(%r9),_TIF_MCCK_PENDING
+        tm      __TI_flags+3(%r12),_TIF_MCCK_PENDING
         bno     BASED(mcck_return)
         TRACE_IRQS_OFF
         l       %r1,BASED(.Ls390_handle_mcck)
@@ -852,7 +837,7 @@ restart_base:
         stosm   __SF_EMPTY(%r15),0x04   # now we can turn dat on
         basr    %r14,0
         l       %r14,restart_addr-.(%r14)
-        br      %r14                    # branch to start_secondary
+        basr    %r14,%r14               # branch to start_secondary
 restart_addr:
         .long   start_secondary
         .align  8
@@ -874,6 +859,8 @@ restart_crash:
 restart_go:
 #endif
 
+        .section .kprobes.text, "ax"
+
 #ifdef CONFIG_CHECK_STACK
 /*
  * The synchronous or the asynchronous stack overflowed. We are dead.
@@ -956,12 +943,13 @@ cleanup_system_call:
         bh      BASED(0f)
         mvc     __LC_SAVE_AREA(16),0(%r12)
 0:      st      %r13,4(%r12)
-        st      %r12,__LC_SAVE_AREA+48  # argh
-        SAVE_ALL_SYNC __LC_SVC_OLD_PSW,__LC_SAVE_AREA
-        CREATE_STACK_FRAME __LC_SVC_OLD_PSW,__LC_SAVE_AREA
-        l       %r12,__LC_SAVE_AREA+48  # argh
+        l       %r15,__LC_KERNEL_STACK  # problem state -> load ksp
+        s       %r15,BASED(.Lc_spsize)  # make room for registers & psw
         st      %r15,12(%r12)
-        lh      %r7,0x8a
+        CREATE_STACK_FRAME __LC_SAVE_AREA
+        mvc     SP_PSW(8,%r15),__LC_SVC_OLD_PSW
+        mvc     SP_ILC(4,%r15),__LC_SVC_ILC
+        mvc     0(4,%r12),__LC_THREAD_INFO
 cleanup_vtime:
         clc     __LC_RETURN_PSW+4(4),BASED(cleanup_system_call_insn+12)
         bhe     BASED(cleanup_stime)
@@ -1059,7 +1047,7 @@ cleanup_io_restore_insn:
 .Ldo_signal:    .long   do_signal
 .Ldo_notify_resume:
                 .long   do_notify_resume
-.Lhandle_per:   .long   do_single_step
+.Lhandle_per:   .long   do_per_trap
 .Ldo_execve:    .long   do_execve
 .Lexecve_tail:  .long   execve_tail
 .Ljump_table:   .long   pgm_check_table
diff --git a/arch/s390/kernel/entry.h b/arch/s390/kernel/entry.h
index ff579b6bde06..17a6f83a2d67 100644
--- a/arch/s390/kernel/entry.h
+++ b/arch/s390/kernel/entry.h
@@ -5,21 +5,21 @@
 #include <linux/signal.h>
 #include <asm/ptrace.h>
 
-typedef void pgm_check_handler_t(struct pt_regs *, long);
+typedef void pgm_check_handler_t(struct pt_regs *, long, unsigned long);
 extern pgm_check_handler_t *pgm_check_table[128];
 pgm_check_handler_t do_protection_exception;
 pgm_check_handler_t do_dat_exception;
 
 extern int sysctl_userprocess_debug;
 
-void do_single_step(struct pt_regs *regs);
+void do_per_trap(struct pt_regs *regs);
 void syscall_trace(struct pt_regs *regs, int entryexit);
 void kernel_stack_overflow(struct pt_regs * regs);
 void do_signal(struct pt_regs *regs);
 int handle_signal32(unsigned long sig, struct k_sigaction *ka,
                     siginfo_t *info, sigset_t *oldset, struct pt_regs *regs);
 
-void do_extint(struct pt_regs *regs, unsigned short code);
+void do_extint(struct pt_regs *regs, unsigned int, unsigned int, unsigned long);
 int __cpuinit start_secondary(void *cpuvoid);
 void __init startup_init(void);
 void die(const char * str, struct pt_regs * regs, long err);
diff --git a/arch/s390/kernel/entry64.S b/arch/s390/kernel/entry64.S
index 8bccec15ea90..d61967e2eab0 100644
--- a/arch/s390/kernel/entry64.S
+++ b/arch/s390/kernel/entry64.S
@@ -51,7 +51,7 @@ STACK_SHIFT = PAGE_SHIFT + THREAD_ORDER
 STACK_SIZE  = 1 << STACK_SHIFT
 
 _TIF_WORK_SVC = (_TIF_SIGPENDING | _TIF_NOTIFY_RESUME | _TIF_NEED_RESCHED | \
-                 _TIF_MCCK_PENDING | _TIF_RESTART_SVC | _TIF_SINGLE_STEP )
+                 _TIF_MCCK_PENDING | _TIF_RESTART_SVC | _TIF_PER_TRAP )
 _TIF_WORK_INT = (_TIF_SIGPENDING | _TIF_NOTIFY_RESUME | _TIF_NEED_RESCHED | \
                  _TIF_MCCK_PENDING)
 _TIF_SYSCALL = (_TIF_SYSCALL_TRACE>>8 | _TIF_SYSCALL_AUDIT>>8 | \
@@ -79,25 +79,9 @@ _TIF_SYSCALL = (_TIF_SYSCALL_TRACE>>8 | _TIF_SYSCALL_AUDIT>>8 | \
         basr    %r2,%r0
         brasl   %r14,trace_hardirqs_off_caller
         .endm
-
-        .macro TRACE_IRQS_CHECK_ON
-        tm      SP_PSW(%r15),0x03       # irqs enabled?
-        jz      0f
-        TRACE_IRQS_ON
-0:
-        .endm
-
-        .macro TRACE_IRQS_CHECK_OFF
-        tm      SP_PSW(%r15),0x03       # irqs enabled?
-        jz      0f
-        TRACE_IRQS_OFF
-0:
-        .endm
 #else
 #define TRACE_IRQS_ON
 #define TRACE_IRQS_OFF
-#define TRACE_IRQS_CHECK_ON
-#define TRACE_IRQS_CHECK_OFF
 #endif
 
 #ifdef CONFIG_LOCKDEP
@@ -207,6 +191,14 @@ _TIF_SYSCALL = (_TIF_SYSCALL_TRACE>>8 | _TIF_SYSCALL_AUDIT>>8 | \
 0:
         .endm
 
+        .macro REENABLE_IRQS
+        mvc     __SF_EMPTY(1,%r15),SP_PSW(%r15)
+        ni      __SF_EMPTY(%r15),0xbf
+        ssm     __SF_EMPTY(%r15)
+        .endm
+
+        .section .kprobes.text, "ax"
+
 /*
  * Scheduler resume function, called by switch_to
  *  gpr2 = (task_struct *) prev
@@ -216,30 +208,22 @@ _TIF_SYSCALL = (_TIF_SYSCALL_TRACE>>8 | _TIF_SYSCALL_AUDIT>>8 | \
  */
         .globl  __switch_to
 __switch_to:
-        tm      __THREAD_per+4(%r3),0xe8 # is the new process using per ?
-        jz      __switch_to_noper               # if not we're fine
-        stctg   %c9,%c11,__SF_EMPTY(%r15)# We are using per stuff
-        clc     __THREAD_per(24,%r3),__SF_EMPTY(%r15)
-        je      __switch_to_noper            # we got away without bashing TLB's
-        lctlg   %c9,%c11,__THREAD_per(%r3)      # Nope we didn't
-__switch_to_noper:
-        lg      %r4,__THREAD_info(%r2)              # get thread_info of prev
+        lg      %r4,__THREAD_info(%r2)          # get thread_info of prev
+        lg      %r5,__THREAD_info(%r3)          # get thread_info of next
         tm      __TI_flags+7(%r4),_TIF_MCCK_PENDING # machine check pending?
-        jz      __switch_to_no_mcck
-        ni      __TI_flags+7(%r4),255-_TIF_MCCK_PENDING # clear flag in prev
-        lg      %r4,__THREAD_info(%r3)              # get thread_info of next
-        oi      __TI_flags+7(%r4),_TIF_MCCK_PENDING # set it in next
-__switch_to_no_mcck:
-        stmg    %r6,%r15,__SF_GPRS(%r15)# store __switch_to registers of prev task
-        stg     %r15,__THREAD_ksp(%r2)  # store kernel stack to prev->tss.ksp
-        lg      %r15,__THREAD_ksp(%r3)  # load kernel stack from next->tss.ksp
-        lmg     %r6,%r15,__SF_GPRS(%r15)# load __switch_to registers of next task
-        stg     %r3,__LC_CURRENT        # __LC_CURRENT = current task struct
-        lctl    %c4,%c4,__TASK_pid(%r3) # load pid to control reg. 4
-        lg      %r3,__THREAD_info(%r3)  # load thread_info from task struct
-        stg     %r3,__LC_THREAD_INFO
-        aghi    %r3,STACK_SIZE
-        stg     %r3,__LC_KERNEL_STACK   # __LC_KERNEL_STACK = new kernel stack
+        jz      0f
+        ni      __TI_flags+7(%r4),255-_TIF_MCCK_PENDING # clear flag in prev
+        oi      __TI_flags+7(%r5),_TIF_MCCK_PENDING     # set it in next
+0:      stmg    %r6,%r15,__SF_GPRS(%r15)        # store gprs of prev task
+        stg     %r15,__THREAD_ksp(%r2)          # store kernel stack of prev
+        lg      %r15,__THREAD_ksp(%r3)          # load kernel stack of next
+        lctl    %c4,%c4,__TASK_pid(%r3)         # load pid to control reg. 4
+        lmg     %r6,%r15,__SF_GPRS(%r15)        # load gprs of next task
+        stg     %r3,__LC_CURRENT                # store task struct of next
+        mvc     __LC_CURRENT_PID+4(4,%r0),__TASK_pid(%r3) # store pid of next
+        stg     %r5,__LC_THREAD_INFO            # store thread info of next
+        aghi    %r5,STACK_SIZE                  # end of kernel stack of next
+        stg     %r5,__LC_KERNEL_STACK           # store end of kernel stack
         br      %r14
 
 __critical_start:
@@ -256,7 +240,6 @@ sysc_saveall:
         CREATE_STACK_FRAME __LC_SAVE_AREA
         mvc     SP_PSW(16,%r15),__LC_SVC_OLD_PSW
         mvc     SP_ILC(4,%r15),__LC_SVC_ILC
-        stg     %r7,SP_ARGS(%r15)
         lg      %r12,__LC_THREAD_INFO   # load pointer to thread_info struct
 sysc_vtime:
         UPDATE_VTIME __LC_EXIT_TIMER,__LC_SYNC_ENTER_TIMER,__LC_USER_TIMER
@@ -284,6 +267,7 @@ sysc_nr_ok:
 sysc_noemu:
 #endif
         tm      __TI_flags+6(%r12),_TIF_SYSCALL
+        mvc     SP_ARGS(8,%r15),SP_R7(%r15)
         lgf     %r8,0(%r7,%r10) # load address of system call routine
         jnz     sysc_tracesys
         basr    %r14,%r8        # call sys_xxxx
@@ -319,7 +303,7 @@ sysc_work_tif:
         jo      sysc_notify_resume
         tm      __TI_flags+7(%r12),_TIF_RESTART_SVC
         jo      sysc_restart
-        tm      __TI_flags+7(%r12),_TIF_SINGLE_STEP
+        tm      __TI_flags+7(%r12),_TIF_PER_TRAP
         jo      sysc_singlestep
         j       sysc_return             # beware of critical section cleanup
 
@@ -341,12 +325,12 @@ sysc_mcck_pending:
 # _TIF_SIGPENDING is set, call do_signal
 #
 sysc_sigpending:
-        ni      __TI_flags+7(%r12),255-_TIF_SINGLE_STEP # clear TIF_SINGLE_STEP
+        ni      __TI_flags+7(%r12),255-_TIF_PER_TRAP # clear TIF_PER_TRAP
         la      %r2,SP_PTREGS(%r15)     # load pt_regs
         brasl   %r14,do_signal          # call do_signal
         tm      __TI_flags+7(%r12),_TIF_RESTART_SVC
         jo      sysc_restart
-        tm      __TI_flags+7(%r12),_TIF_SINGLE_STEP
+        tm      __TI_flags+7(%r12),_TIF_PER_TRAP
         jo      sysc_singlestep
         j       sysc_return
 
@@ -371,14 +355,14 @@ sysc_restart:
         j       sysc_nr_ok              # restart svc
 
 #
-# _TIF_SINGLE_STEP is set, call do_single_step
+# _TIF_PER_TRAP is set, call do_per_trap
 #
 sysc_singlestep:
-        ni      __TI_flags+7(%r12),255-_TIF_SINGLE_STEP # clear TIF_SINGLE_STEP
+        ni      __TI_flags+7(%r12),255-_TIF_PER_TRAP    # clear TIF_PER_TRAP
         xc      SP_SVCNR(2,%r15),SP_SVCNR(%r15)         # clear svc number
         la      %r2,SP_PTREGS(%r15)     # address of register-save area
         larl    %r14,sysc_return        # load adr. of system return
-        jg      do_single_step          # branch to do_sigtrap
+        jg      do_per_trap
 
 #
 # call tracehook_report_syscall_entry/tracehook_report_syscall_exit before
@@ -397,6 +381,7 @@ sysc_tracesys:
         lgf     %r8,0(%r7,%r10)
 sysc_tracego:
         lmg     %r3,%r6,SP_R3(%r15)
+        mvc     SP_ARGS(8,%r15),SP_R7(%r15)
         lg      %r2,SP_ORIG_R2(%r15)
         basr    %r14,%r8                # call sys_xxx
         stg     %r2,SP_R2(%r15)         # store return value
@@ -443,14 +428,12 @@ kernel_execve:
         br      %r14
         # execve succeeded.
 0:      stnsm   __SF_EMPTY(%r15),0xfc   # disable interrupts
-#       TRACE_IRQS_OFF
         lg      %r15,__LC_KERNEL_STACK  # load ksp
         aghi    %r15,-SP_SIZE           # make room for registers & psw
         lg      %r13,__LC_SVC_NEW_PSW+8
         mvc     SP_PTREGS(__PT_SIZE,%r15),0(%r12)       # copy pt_regs
         lg      %r12,__LC_THREAD_INFO
         xc      __SF_BACKCHAIN(8,%r15),__SF_BACKCHAIN(%r15)
-#       TRACE_IRQS_ON
         stosm   __SF_EMPTY(%r15),0x03   # reenable interrupts
         brasl   %r14,execve_tail
         j       sysc_return
@@ -490,19 +473,18 @@ pgm_check_handler:
         LAST_BREAK
 pgm_no_vtime:
         HANDLE_SIE_INTERCEPT
-        TRACE_IRQS_CHECK_OFF
         stg     %r11,SP_ARGS(%r15)
         lgf     %r3,__LC_PGM_ILC        # load program interruption code
+        lg      %r4,__LC_TRANS_EXC_CODE
+        REENABLE_IRQS
         lghi    %r8,0x7f
         ngr     %r8,%r3
-pgm_do_call:
         sll     %r8,3
         larl    %r1,pgm_check_table
         lg      %r1,0(%r8,%r1)          # load address of handler routine
         la      %r2,SP_PTREGS(%r15)     # address of register-save area
         basr    %r14,%r1                # branch to interrupt-handler
 pgm_exit:
-        TRACE_IRQS_CHECK_ON
         j       sysc_return
 
 #
@@ -533,15 +515,16 @@ pgm_per_std:
         LAST_BREAK
 pgm_no_vtime2:
         HANDLE_SIE_INTERCEPT
-        TRACE_IRQS_CHECK_OFF
         lg      %r1,__TI_task(%r12)
         tm      SP_PSW+1(%r15),0x01     # kernel per event ?
         jz      kernel_per
-        mvc     __THREAD_per+__PER_atmid(2,%r1),__LC_PER_ATMID
-        mvc     __THREAD_per+__PER_address(8,%r1),__LC_PER_ADDRESS
-        mvc     __THREAD_per+__PER_access_id(1,%r1),__LC_PER_ACCESS_ID
-        oi      __TI_flags+7(%r12),_TIF_SINGLE_STEP # set TIF_SINGLE_STEP
+        mvc     __THREAD_per_cause(2,%r1),__LC_PER_CAUSE
+        mvc     __THREAD_per_address(8,%r1),__LC_PER_ADDRESS
+        mvc     __THREAD_per_paid(1,%r1),__LC_PER_PAID
+        oi      __TI_flags+7(%r12),_TIF_PER_TRAP # set TIF_PER_TRAP
         lgf     %r3,__LC_PGM_ILC        # load program interruption code
+        lg      %r4,__LC_TRANS_EXC_CODE
+        REENABLE_IRQS
         lghi    %r8,0x7f
         ngr     %r8,%r3                 # clear per-event-bit and ilc
         je      pgm_exit2
@@ -551,8 +534,6 @@ pgm_no_vtime2:
         la      %r2,SP_PTREGS(%r15)     # address of register-save area
         basr    %r14,%r1                # branch to interrupt-handler
 pgm_exit2:
-        TRACE_IRQS_ON
-        stosm   __SF_EMPTY(%r15),0x03   # reenable interrupts
         j       sysc_return
 
 #
@@ -568,13 +549,11 @@ pgm_svcper:
         UPDATE_VTIME __LC_LAST_UPDATE_TIMER,__LC_EXIT_TIMER,__LC_SYSTEM_TIMER
         mvc     __LC_LAST_UPDATE_TIMER(8),__LC_SYNC_ENTER_TIMER
         LAST_BREAK
-        TRACE_IRQS_OFF
         lg      %r8,__TI_task(%r12)
-        mvc     __THREAD_per+__PER_atmid(2,%r8),__LC_PER_ATMID
-        mvc     __THREAD_per+__PER_address(8,%r8),__LC_PER_ADDRESS
-        mvc     __THREAD_per+__PER_access_id(1,%r8),__LC_PER_ACCESS_ID
-        oi      __TI_flags+7(%r12),_TIF_SINGLE_STEP # set TIF_SINGLE_STEP
-        TRACE_IRQS_ON
+        mvc     __THREAD_per_cause(2,%r8),__LC_PER_CAUSE
+        mvc     __THREAD_per_address(8,%r8),__LC_PER_ADDRESS
+        mvc     __THREAD_per_paid(1,%r8),__LC_PER_PAID
+        oi      __TI_flags+7(%r12),_TIF_PER_TRAP # set TIF_PER_TRAP
         stosm   __SF_EMPTY(%r15),0x03   # reenable interrupts
         lmg     %r2,%r6,SP_R2(%r15)     # load svc arguments
         j       sysc_do_svc
@@ -583,9 +562,10 @@ pgm_svcper:
 # per was called from kernel, must be kprobes
 #
 kernel_per:
+        REENABLE_IRQS
         xc      SP_SVCNR(2,%r15),SP_SVCNR(%r15) # clear svc number
         la      %r2,SP_PTREGS(%r15)     # address of register-save area
-        brasl   %r14,do_single_step
+        brasl   %r14,do_per_trap
         j       pgm_exit
 
 /*
@@ -743,8 +723,11 @@ ext_int_handler:
 ext_no_vtime:
         HANDLE_SIE_INTERCEPT
         TRACE_IRQS_OFF
+        lghi    %r1,4096
         la      %r2,SP_PTREGS(%r15)     # address of register-save area
-        llgh    %r3,__LC_EXT_INT_CODE   # get interruption code
+        llgf    %r3,__LC_CPU_ADDRESS    # get cpu address + interruption code
+        llgf    %r4,__LC_EXT_PARAMS     # get external parameter
+        lg      %r5,__LC_EXT_PARAMS2-4096(%r1)  # get 64 bit external parameter
         brasl   %r14,do_extint
         j       io_return
 
@@ -859,7 +842,7 @@ restart_base:
         mvc     __LC_SYSTEM_TIMER(8),__TI_system_timer(%r1)
         xc      __LC_STEAL_TIMER(8),__LC_STEAL_TIMER
         stosm   __SF_EMPTY(%r15),0x04   # now we can turn dat on
-        jg      start_secondary
+        brasl   %r14,start_secondary
         .align  8
 restart_vtime:
         .long   0x7fffffff,0xffffffff
@@ -879,6 +862,8 @@ restart_crash:
 restart_go:
 #endif
 
+        .section .kprobes.text, "ax"
+
 #ifdef CONFIG_CHECK_STACK
 /*
  * The synchronous or the asynchronous stack overflowed. We are dead.
@@ -966,7 +951,6 @@ cleanup_system_call:
         CREATE_STACK_FRAME __LC_SAVE_AREA
         mvc     SP_PSW(16,%r15),__LC_SVC_OLD_PSW
         mvc     SP_ILC(4,%r15),__LC_SVC_ILC
-        stg     %r7,SP_ARGS(%r15)
         mvc     8(8,%r12),__LC_THREAD_INFO
 cleanup_vtime:
         clc     __LC_RETURN_PSW+8(8),BASED(cleanup_system_call_insn+24)
diff --git a/arch/s390/kernel/ftrace.c b/arch/s390/kernel/ftrace.c
index 6a83d0581317..78bdf0e5dff7 100644
--- a/arch/s390/kernel/ftrace.c
+++ b/arch/s390/kernel/ftrace.c
@@ -4,7 +4,7 @@
  * Copyright IBM Corp. 2009
  *
  *   Author(s): Heiko Carstens <heiko.carstens@de.ibm.com>,
- *
+ *              Martin Schwidefsky <schwidefsky@de.ibm.com>
  */
 
 #include <linux/hardirq.h>
@@ -12,176 +12,144 @@
 #include <linux/ftrace.h>
 #include <linux/kernel.h>
 #include <linux/types.h>
+#include <linux/kprobes.h>
 #include <trace/syscall.h>
 #include <asm/asm-offsets.h>
 
+#ifdef CONFIG_64BIT
+#define MCOUNT_OFFSET_RET 12
+#else
+#define MCOUNT_OFFSET_RET 22
+#endif
+
 #ifdef CONFIG_DYNAMIC_FTRACE
 
 void ftrace_disable_code(void);
-void ftrace_disable_return(void);
-void ftrace_call_code(void);
-void ftrace_nop_code(void);
-
-#define FTRACE_INSN_SIZE 4
+void ftrace_enable_insn(void);
 
 #ifdef CONFIG_64BIT
-
+/*
+ * The 64-bit mcount code looks like this:
+ *      stg     %r14,8(%r15)            # offset 0
+ * >    larl    %r1,<&counter>          # offset 6
+ * >    brasl   %r14,_mcount            # offset 12
+ *      lg      %r14,8(%r15)            # offset 18
+ * Total length is 24 bytes. The middle two instructions of the mcount
+ * block get overwritten by ftrace_make_nop / ftrace_make_call.
+ * The 64-bit enabled ftrace code block looks like this:
+ *      stg     %r14,8(%r15)            # offset 0
+ * >    lg      %r1,__LC_FTRACE_FUNC    # offset 6
+ * >    lgr     %r0,%r0                 # offset 12
+ * >    basr    %r14,%r1                # offset 16
+ *      lg      %r14,8(%15)             # offset 18
+ * The return points of the mcount/ftrace function have the same offset 18.
+ * The 64-bit disable ftrace code block looks like this:
+ *      stg     %r14,8(%r15)            # offset 0
+ * >    jg      .+18                    # offset 6
+ * >    lgr     %r0,%r0                 # offset 12
+ * >    basr    %r14,%r1                # offset 16
+ *      lg      %r14,8(%15)             # offset 18
+ * The jg instruction branches to offset 24 to skip as many instructions
+ * as possible.
+ */
 asm(
         "       .align  4\n"
         "ftrace_disable_code:\n"
-        "       j       0f\n"
-        "       .word   0x0024\n"
-        "       lg      %r1,"__stringify(__LC_FTRACE_FUNC)"\n"
-        "       basr    %r14,%r1\n"
-        "ftrace_disable_return:\n"
-        "       lg      %r14,8(15)\n"
+        "       jg      0f\n"
         "       lgr     %r0,%r0\n"
-        "0:\n");
-
-asm(
+        "       basr    %r14,%r1\n"
+        "0:\n"
         "       .align  4\n"
-        "ftrace_nop_code:\n"
-        "       j       .+"__stringify(MCOUNT_INSN_SIZE)"\n");
+        "ftrace_enable_insn:\n"
+        "       lg      %r1,"__stringify(__LC_FTRACE_FUNC)"\n");
 
-asm(
-        "       .align  4\n"
-        "ftrace_call_code:\n"
-        "       stg     %r14,8(%r15)\n");
+#define FTRACE_INSN_SIZE        6
 
 #else /* CONFIG_64BIT */
-
+/*
+ * The 31-bit mcount code looks like this:
+ *      st      %r14,4(%r15)            # offset 0
+ * >    bras    %r1,0f                  # offset 4
+ * >    .long   _mcount                 # offset 8
+ * >    .long   <&counter>              # offset 12
+ * > 0: l       %r14,0(%r1)             # offset 16
+ * >    l       %r1,4(%r1)              # offset 20
+ *      basr    %r14,%r14               # offset 24
+ *      l       %r14,4(%r15)            # offset 26
+ * Total length is 30 bytes. The twenty bytes starting from offset 4
+ * to offset 24 get overwritten by ftrace_make_nop / ftrace_make_call.
+ * The 31-bit enabled ftrace code block looks like this:
+ *      st      %r14,4(%r15)            # offset 0
+ * >    l       %r14,__LC_FTRACE_FUNC   # offset 4
+ * >    j       0f                      # offset 8
+ * >    .fill   12,1,0x07               # offset 12
+ *   0: basr    %r14,%r14               # offset 24
+ *      l       %r14,4(%r14)            # offset 26
+ * The return points of the mcount/ftrace function have the same offset 26.
+ * The 31-bit disabled ftrace code block looks like this:
+ *      st      %r14,4(%r15)            # offset 0
+ * >    j       .+26                    # offset 4
+ * >    j       0f                      # offset 8
+ * >    .fill   12,1,0x07               # offset 12
+ *   0: basr    %r14,%r14               # offset 24
+ *      l       %r14,4(%r14)            # offset 26
+ * The j instruction branches to offset 30 to skip as many instructions
+ * as possible.
+ */
 asm(
         "       .align  4\n"
         "ftrace_disable_code:\n"
+        "       j       1f\n"
         "       j       0f\n"
-        "       l       %r1,"__stringify(__LC_FTRACE_FUNC)"\n"
-        "       basr    %r14,%r1\n"
-        "ftrace_disable_return:\n"
-        "       l       %r14,4(%r15)\n"
-        "       j       0f\n"
-        "       bcr     0,%r7\n"
-        "       bcr     0,%r7\n"
-        "       bcr     0,%r7\n"
-        "       bcr     0,%r7\n"
-        "       bcr     0,%r7\n"
-        "       bcr     0,%r7\n"
-        "0:\n");
-
-asm(
+        "       .fill   12,1,0x07\n"
+        "0:     basr    %r14,%r14\n"
+        "1:\n"
         "       .align  4\n"
-        "ftrace_nop_code:\n"
-        "       j       .+"__stringify(MCOUNT_INSN_SIZE)"\n");
+        "ftrace_enable_insn:\n"
+        "       l       %r14,"__stringify(__LC_FTRACE_FUNC)"\n");
 
-asm(
-        "       .align  4\n"
-        "ftrace_call_code:\n"
-        "       st      %r14,4(%r15)\n");
+#define FTRACE_INSN_SIZE        4
 
 #endif /* CONFIG_64BIT */
 
-static int ftrace_modify_code(unsigned long ip,
-                              void *old_code, int old_size,
-                              void *new_code, int new_size)
-{
-        unsigned char replaced[MCOUNT_INSN_SIZE];
-
-        /*
-         * Note: Due to modules code can disappear and change.
-         *  We need to protect against faulting as well as code
-         *  changing. We do this by using the probe_kernel_*
-         *  functions.
-         *  This however is just a simple sanity check.
-         */
-        if (probe_kernel_read(replaced, (void *)ip, old_size))
-                return -EFAULT;
-        if (memcmp(replaced, old_code, old_size) != 0)
-                return -EINVAL;
-        if (probe_kernel_write((void *)ip, new_code, new_size))
-                return -EPERM;
-        return 0;
-}
-
-static int ftrace_make_initial_nop(struct module *mod, struct dyn_ftrace *rec,
-                                   unsigned long addr)
-{
-        return ftrace_modify_code(rec->ip,
-                                  ftrace_call_code, FTRACE_INSN_SIZE,
-                                  ftrace_disable_code, MCOUNT_INSN_SIZE);
-}
 
 int ftrace_make_nop(struct module *mod, struct dyn_ftrace *rec,
                     unsigned long addr)
 {
-        if (addr == MCOUNT_ADDR)
-                return ftrace_make_initial_nop(mod, rec, addr);
-        return ftrace_modify_code(rec->ip,
-                                  ftrace_call_code, FTRACE_INSN_SIZE,
-                                  ftrace_nop_code, FTRACE_INSN_SIZE);
+        if (probe_kernel_write((void *) rec->ip, ftrace_disable_code,
+                               MCOUNT_INSN_SIZE))
+                return -EPERM;
+        return 0;
 }
 
 int ftrace_make_call(struct dyn_ftrace *rec, unsigned long addr)
 {
-        return ftrace_modify_code(rec->ip,
-                                  ftrace_nop_code, FTRACE_INSN_SIZE,
-                                  ftrace_call_code, FTRACE_INSN_SIZE);
+        if (probe_kernel_write((void *) rec->ip, ftrace_enable_insn,
+                               FTRACE_INSN_SIZE))
+                return -EPERM;
+        return 0;
 }
 
 int ftrace_update_ftrace_func(ftrace_func_t func)
 {
-        ftrace_dyn_func = (unsigned long)func;
         return 0;
 }
 
 int __init ftrace_dyn_arch_init(void *data)
 {
-        *(unsigned long *)data = 0;
+        *(unsigned long *) data = 0;
         return 0;
 }
 
 #endif /* CONFIG_DYNAMIC_FTRACE */
 
 #ifdef CONFIG_FUNCTION_GRAPH_TRACER
-#ifdef CONFIG_DYNAMIC_FTRACE
-/*
- * Patch the kernel code at ftrace_graph_caller location:
- * The instruction there is branch relative on condition. The condition mask
- * is either all ones (always branch aka disable ftrace_graph_caller) or all
- * zeroes (nop aka enable ftrace_graph_caller).
- * Instruction format for brc is a7m4xxxx where m is the condition mask.
- */
-int ftrace_enable_ftrace_graph_caller(void)
-{
-        unsigned short opcode = 0xa704;
-
-        return probe_kernel_write(ftrace_graph_caller, &opcode, sizeof(opcode));
-}
-
-int ftrace_disable_ftrace_graph_caller(void)
-{
-        unsigned short opcode = 0xa7f4;
-
-        return probe_kernel_write(ftrace_graph_caller, &opcode, sizeof(opcode));
-}
-
-static inline unsigned long ftrace_mcount_call_adjust(unsigned long addr)
-{
-        return addr - (ftrace_disable_return - ftrace_disable_code);
-}
-
-#else /* CONFIG_DYNAMIC_FTRACE */
-
-static inline unsigned long ftrace_mcount_call_adjust(unsigned long addr)
-{
-        return addr - MCOUNT_OFFSET_RET;
-}
-
-#endif /* CONFIG_DYNAMIC_FTRACE */
-
 /*
  * Hook the return address and push it in the stack of return addresses
  * in current thread info.
  */
-unsigned long prepare_ftrace_return(unsigned long ip, unsigned long parent)
+unsigned long __kprobes prepare_ftrace_return(unsigned long parent,
+                                              unsigned long ip)
 {
         struct ftrace_graph_ent trace;
 
@@ -189,14 +157,42 @@ unsigned long prepare_ftrace_return(unsigned long ip, unsigned long parent)
                 goto out;
         if (ftrace_push_return_trace(parent, ip, &trace.depth, 0) == -EBUSY)
                 goto out;
-        trace.func = ftrace_mcount_call_adjust(ip) & PSW_ADDR_INSN;
+        trace.func = (ip & PSW_ADDR_INSN) - MCOUNT_OFFSET_RET;
         /* Only trace if the calling function expects to. */
         if (!ftrace_graph_entry(&trace)) {
                 current->curr_ret_stack--;
                 goto out;
         }
-        parent = (unsigned long)return_to_handler;
+        parent = (unsigned long) return_to_handler;
 out:
         return parent;
 }
+
+#ifdef CONFIG_DYNAMIC_FTRACE
+/*
+ * Patch the kernel code at ftrace_graph_caller location. The instruction
+ * there is branch relative and save to prepare_ftrace_return. To disable
+ * the call to prepare_ftrace_return we patch the bras offset to point
+ * directly after the instructions. To enable the call we calculate
+ * the original offset to prepare_ftrace_return and put it back.
+ */
+int ftrace_enable_ftrace_graph_caller(void)
+{
+        unsigned short offset;
+
+        offset = ((void *) prepare_ftrace_return -
+                  (void *) ftrace_graph_caller) / 2;
+        return probe_kernel_write(ftrace_graph_caller + 2,
+                                  &offset, sizeof(offset));
+}
+
+int ftrace_disable_ftrace_graph_caller(void)
+{
+        static unsigned short offset = 0x0002;
+
+        return probe_kernel_write(ftrace_graph_caller + 2,
+                                  &offset, sizeof(offset));
+}
+
+#endif /* CONFIG_DYNAMIC_FTRACE */
 #endif /* CONFIG_FUNCTION_GRAPH_TRACER */
diff --git a/arch/s390/kernel/head.S b/arch/s390/kernel/head.S
index db1696e210af..fb317bf2c378 100644
--- a/arch/s390/kernel/head.S
+++ b/arch/s390/kernel/head.S
@@ -460,7 +460,7 @@ startup:
 #ifndef CONFIG_MARCH_G5
         # check capabilities against MARCH_{G5,Z900,Z990,Z9_109,Z10}
         xc      __LC_STFL_FAC_LIST(8),__LC_STFL_FAC_LIST
-        stfl    __LC_STFL_FAC_LIST      # store facility list
+        .insn   s,0xb2b10000,__LC_STFL_FAC_LIST # store facility list
         tm      __LC_STFL_FAC_LIST,0x01 # stfle available ?
         jz      0f
         la      %r0,0
@@ -488,7 +488,9 @@ startup:
         .align 16
 2:      .long   0x000a0000,0x8badcccc
 #if defined(CONFIG_64BIT)
-#if defined(CONFIG_MARCH_Z10)
+#if defined(CONFIG_MARCH_Z196)
+        .long 0xc100efe3, 0xf46c0000
+#elif defined(CONFIG_MARCH_Z10)
         .long 0xc100efe3, 0xf0680000
 #elif defined(CONFIG_MARCH_Z9_109)
         .long 0xc100efc3, 0x00000000
@@ -498,7 +500,9 @@ startup:
         .long 0xc0000000, 0x00000000
 #endif
 #else
-#if defined(CONFIG_MARCH_Z10)
+#if defined(CONFIG_MARCH_Z196)
+        .long 0x8100c880, 0x00000000
+#elif defined(CONFIG_MARCH_Z10)
         .long 0x8100c880, 0x00000000
 #elif defined(CONFIG_MARCH_Z9_109)
         .long 0x8100c880, 0x00000000
diff --git a/arch/s390/kernel/irq.c b/arch/s390/kernel/irq.c
index 026a37a94fc9..e3264f6a9720 100644
--- a/arch/s390/kernel/irq.c
+++ b/arch/s390/kernel/irq.c
@@ -1,28 +1,66 @@
 /*
- *  arch/s390/kernel/irq.c
- *
- *    Copyright IBM Corp. 2004,2007
- *    Author(s): Martin Schwidefsky (schwidefsky@de.ibm.com),
- *               Thomas Spatzier (tspat@de.ibm.com)
+ *    Copyright IBM Corp. 2004,2011
+ *    Author(s): Martin Schwidefsky <schwidefsky@de.ibm.com>,
+ *               Holger Smolinski <Holger.Smolinski@de.ibm.com>,
+ *               Thomas Spatzier <tspat@de.ibm.com>,
  *
  * This file contains interrupt related functions.
  */
 
-#include <linux/module.h>
-#include <linux/kernel.h>
 #include <linux/kernel_stat.h>
 #include <linux/interrupt.h>
 #include <linux/seq_file.h>
-#include <linux/cpu.h>
 #include <linux/proc_fs.h>
 #include <linux/profile.h>
+#include <linux/module.h>
+#include <linux/kernel.h>
+#include <linux/ftrace.h>
+#include <linux/errno.h>
+#include <linux/slab.h>
+#include <linux/cpu.h>
+#include <asm/irq_regs.h>
+#include <asm/cputime.h>
+#include <asm/lowcore.h>
+#include <asm/irq.h>
+#include "entry.h"
+
+struct irq_class {
+        char *name;
+        char *desc;
+};
+
+static const struct irq_class intrclass_names[] = {
+        {.name = "EXT" },
+        {.name = "I/O" },
+        {.name = "CLK", .desc = "[EXT] Clock Comparator" },
+        {.name = "IPI", .desc = "[EXT] Signal Processor" },
+        {.name = "TMR", .desc = "[EXT] CPU Timer" },
+        {.name = "TAL", .desc = "[EXT] Timing Alert" },
+        {.name = "PFL", .desc = "[EXT] Pseudo Page Fault" },
+        {.name = "DSD", .desc = "[EXT] DASD Diag" },
+        {.name = "VRT", .desc = "[EXT] Virtio" },
+        {.name = "SCP", .desc = "[EXT] Service Call" },
+        {.name = "IUC", .desc = "[EXT] IUCV" },
+        {.name = "CPM", .desc = "[EXT] CPU Measurement" },
+        {.name = "QAI", .desc = "[I/O] QDIO Adapter Interrupt" },
+        {.name = "QDI", .desc = "[I/O] QDIO Interrupt" },
+        {.name = "DAS", .desc = "[I/O] DASD" },
+        {.name = "C15", .desc = "[I/O] 3215" },
+        {.name = "C70", .desc = "[I/O] 3270" },
+        {.name = "TAP", .desc = "[I/O] Tape" },
+        {.name = "VMR", .desc = "[I/O] Unit Record Devices" },
+        {.name = "LCS", .desc = "[I/O] LCS" },
+        {.name = "CLW", .desc = "[I/O] CLAW" },
+        {.name = "CTC", .desc = "[I/O] CTC" },
+        {.name = "APB", .desc = "[I/O] AP Bus" },
+        {.name = "NMI", .desc = "[NMI] Machine Check" },
+};
 
 /*
  * show_interrupts is needed by /proc/interrupts.
  */
 int show_interrupts(struct seq_file *p, void *v)
 {
-        static const char *intrclass_names[] = { "EXT", "I/O", };
         int i = *(loff_t *) v, j;
 
         get_online_cpus();
@@ -34,15 +72,16 @@ int show_interrupts(struct seq_file *p, void *v)
         }
 
         if (i < NR_IRQS) {
-                seq_printf(p, "%s: ", intrclass_names[i]);
+                seq_printf(p, "%s: ", intrclass_names[i].name);
 #ifndef CONFIG_SMP
                 seq_printf(p, "%10u ", kstat_irqs(i));
 #else
                 for_each_online_cpu(j)
                         seq_printf(p, "%10u ", kstat_cpu(j).irqs[i]);
 #endif
+                if (intrclass_names[i].desc)
+                        seq_printf(p, "  %s", intrclass_names[i].desc);
                 seq_putc(p, '\n');
-
         }
         put_online_cpus();
         return 0;
@@ -52,8 +91,7 @@ int show_interrupts(struct seq_file *p, void *v)
  * For compatibilty only. S/390 specific setup of interrupts et al. is done
  * much later in init_channel_subsystem().
  */
-void __init
-init_IRQ(void)
+void __init init_IRQ(void)
 {
         /* nothing... */
 }
@@ -104,3 +142,116 @@ void init_irq_proc(void)
         create_prof_cpu_mask(root_irq_dir);
 }
 #endif
+
+/*
+ * ext_int_hash[index] is the start of the list for all external interrupts
+ * that hash to this index. With the current set of external interrupts
+ * (0x1202 external call, 0x1004 cpu timer, 0x2401 hwc console, 0x4000
+ * iucv and 0x2603 pfault) this is always the first element.
+ */
+
+struct ext_int_info {
+        struct ext_int_info *next;
+        ext_int_handler_t handler;
+        u16 code;
+};
+
+static struct ext_int_info *ext_int_hash[256];
+
+static inline int ext_hash(u16 code)
+{
+        return (code + (code >> 9)) & 0xff;
+}
+
+int register_external_interrupt(u16 code, ext_int_handler_t handler)
+{
+        struct ext_int_info *p;
+        int index;
+
+        p = kmalloc(sizeof(*p), GFP_ATOMIC);
+        if (!p)
+                return -ENOMEM;
+        p->code = code;
+        p->handler = handler;
+        index = ext_hash(code);
+        p->next = ext_int_hash[index];
+        ext_int_hash[index] = p;
+        return 0;
+}
+EXPORT_SYMBOL(register_external_interrupt);
+
+int unregister_external_interrupt(u16 code, ext_int_handler_t handler)
+{
+        struct ext_int_info *p, *q;
+        int index;
+
+        index = ext_hash(code);
+        q = NULL;
+        p = ext_int_hash[index];
+        while (p) {
+                if (p->code == code && p->handler == handler)
+                        break;
+                q = p;
+                p = p->next;
+        }
+        if (!p)
+                return -ENOENT;
+        if (q)
+                q->next = p->next;
+        else
+                ext_int_hash[index] = p->next;
+        kfree(p);
+        return 0;
+}
+EXPORT_SYMBOL(unregister_external_interrupt);
+
+void __irq_entry do_extint(struct pt_regs *regs, unsigned int ext_int_code,
+                           unsigned int param32, unsigned long param64)
+{
+        struct pt_regs *old_regs;
+        unsigned short code;
+        struct ext_int_info *p;
+        int index;
+
+        code = (unsigned short) ext_int_code;
+        old_regs = set_irq_regs(regs);
+        s390_idle_check(regs, S390_lowcore.int_clock,
+                        S390_lowcore.async_enter_timer);
+        irq_enter();
+        if (S390_lowcore.int_clock >= S390_lowcore.clock_comparator)
+                /* Serve timer interrupts first. */
+                clock_comparator_work();
+        kstat_cpu(smp_processor_id()).irqs[EXTERNAL_INTERRUPT]++;
+        if (code != 0x1004)
+                __get_cpu_var(s390_idle).nohz_delay = 1;
+        index = ext_hash(code);
+        for (p = ext_int_hash[index]; p; p = p->next) {
+                if (likely(p->code == code))
+                        p->handler(ext_int_code, param32, param64);
+        }
+        irq_exit();
+        set_irq_regs(old_regs);
+}
+
+static DEFINE_SPINLOCK(sc_irq_lock);
+static int sc_irq_refcount;
+
+void service_subclass_irq_register(void)
+{
+        spin_lock(&sc_irq_lock);
+        if (!sc_irq_refcount)
+                ctl_set_bit(0, 9);
+        sc_irq_refcount++;
+        spin_unlock(&sc_irq_lock);
+}
+EXPORT_SYMBOL(service_subclass_irq_register);
+
+void service_subclass_irq_unregister(void)
+{
+        spin_lock(&sc_irq_lock);
+        sc_irq_refcount--;
+        if (!sc_irq_refcount)
+                ctl_clear_bit(0, 9);
+        spin_unlock(&sc_irq_lock);
+}
+EXPORT_SYMBOL(service_subclass_irq_unregister);
diff --git a/arch/s390/kernel/jump_label.c b/arch/s390/kernel/jump_label.c
new file mode 100644
index 000000000000..44cc06bedf77
--- /dev/null
+++ b/arch/s390/kernel/jump_label.c
@@ -0,0 +1,59 @@
+/*
+ * Jump label s390 support
+ *
+ * Copyright IBM Corp. 2011
+ * Author(s): Jan Glauber <jang@linux.vnet.ibm.com>
+ */
+#include <linux/module.h>
+#include <linux/uaccess.h>
+#include <linux/stop_machine.h>
+#include <linux/jump_label.h>
+#include <asm/ipl.h>
+
+#ifdef HAVE_JUMP_LABEL
+
+struct insn {
+        u16 opcode;
+        s32 offset;
+} __packed;
+
+struct insn_args {
+        unsigned long *target;
+        struct insn *insn;
+        ssize_t size;
+};
+
+static int __arch_jump_label_transform(void *data)
+{
+        struct insn_args *args = data;
+        int rc;
+
+        rc = probe_kernel_write(args->target, args->insn, args->size);
+        WARN_ON_ONCE(rc < 0);
+        return 0;
+}
+
+void arch_jump_label_transform(struct jump_entry *entry,
+                               enum jump_label_type type)
+{
+        struct insn_args args;
+        struct insn insn;
+
+        if (type == JUMP_LABEL_ENABLE) {
+                /* brcl 15,offset */
+                insn.opcode = 0xc0f4;
+                insn.offset = (entry->target - entry->code) >> 1;
+        } else {
+                /* brcl 0,0 */
+                insn.opcode = 0xc004;
+                insn.offset = 0;
+        }
+
+        args.target = (void *) entry->code;
+        args.insn = &insn;
+        args.size = JUMP_LABEL_NOP_SIZE;
+
+        stop_machine(__arch_jump_label_transform, &args, NULL);
+}
+
+#endif
diff --git a/arch/s390/kernel/kprobes.c b/arch/s390/kernel/kprobes.c
index 2a3d2bf6f083..1d05d669107c 100644
--- a/arch/s390/kernel/kprobes.c
+++ b/arch/s390/kernel/kprobes.c
@@ -30,35 +30,16 @@
 #include <asm/sections.h>
 #include <linux/module.h>
 #include <linux/slab.h>
+#include <linux/hardirq.h>
 
-DEFINE_PER_CPU(struct kprobe *, current_kprobe) = NULL;
+DEFINE_PER_CPU(struct kprobe *, current_kprobe);
 DEFINE_PER_CPU(struct kprobe_ctlblk, kprobe_ctlblk);
 
-struct kretprobe_blackpoint kretprobe_blacklist[] = {{NULL, NULL}};
+struct kretprobe_blackpoint kretprobe_blacklist[] = { };
 
-int __kprobes arch_prepare_kprobe(struct kprobe *p)
+static int __kprobes is_prohibited_opcode(kprobe_opcode_t *insn)
 {
-        /* Make sure the probe isn't going on a difficult instruction */
-        if (is_prohibited_opcode((kprobe_opcode_t *) p->addr))
-                return -EINVAL;
-
-        if ((unsigned long)p->addr & 0x01)
-                return -EINVAL;
-
-        /* Use the get_insn_slot() facility for correctness */
-        if (!(p->ainsn.insn = get_insn_slot()))
-                return -ENOMEM;
-
-        memcpy(p->ainsn.insn, p->addr, MAX_INSN_SIZE * sizeof(kprobe_opcode_t));
-
-        get_instruction_type(&p->ainsn);
-        p->opcode = *p->addr;
-        return 0;
-}
-
-int __kprobes is_prohibited_opcode(kprobe_opcode_t *instruction)
-{
-        switch (*(__u8 *) instruction) {
+        switch (insn[0] >> 8) {
         case 0x0c:      /* bassm */
         case 0x0b:      /* bsm   */
         case 0x83:      /* diag  */
@@ -67,7 +48,7 @@ int __kprobes is_prohibited_opcode(kprobe_opcode_t *instruction)
         case 0xad:      /* stosm */
                 return -EINVAL;
         }
-        switch (*(__u16 *) instruction) {
+        switch (insn[0]) {
         case 0x0101:    /* pr    */
         case 0xb25a:    /* bsa   */
         case 0xb240:    /* bakr  */
@@ -80,93 +61,92 @@ int __kprobes is_prohibited_opcode(kprobe_opcode_t *instruction)
         return 0;
 }
 
-void __kprobes get_instruction_type(struct arch_specific_insn *ainsn)
+static int __kprobes get_fixup_type(kprobe_opcode_t *insn)
 {
         /* default fixup method */
-        ainsn->fixup = FIXUP_PSW_NORMAL;
-
-        /* save r1 operand */
-        ainsn->reg = (*ainsn->insn & 0xf0) >> 4;
-
-        /* save the instruction length (pop 5-5) in bytes */
-        switch (*(__u8 *) (ainsn->insn) >> 6) {
-        case 0:
-                ainsn->ilen = 2;
-                break;
-        case 1:
-        case 2:
-                ainsn->ilen = 4;
-                break;
-        case 3:
-                ainsn->ilen = 6;
-                break;
-        }
+        int fixup = FIXUP_PSW_NORMAL;
 
-        switch (*(__u8 *) ainsn->insn) {
+        switch (insn[0] >> 8) {
         case 0x05:      /* balr */
         case 0x0d:      /* basr */
-                ainsn->fixup = FIXUP_RETURN_REGISTER;
+                fixup = FIXUP_RETURN_REGISTER;
                 /* if r2 = 0, no branch will be taken */
-                if ((*ainsn->insn & 0x0f) == 0)
-                        ainsn->fixup |= FIXUP_BRANCH_NOT_TAKEN;
+                if ((insn[0] & 0x0f) == 0)
+                        fixup |= FIXUP_BRANCH_NOT_TAKEN;
                 break;
         case 0x06:      /* bctr */
         case 0x07:      /* bcr  */
-                ainsn->fixup = FIXUP_BRANCH_NOT_TAKEN;
+                fixup = FIXUP_BRANCH_NOT_TAKEN;
                 break;
         case 0x45:      /* bal  */
         case 0x4d:      /* bas  */
-                ainsn->fixup = FIXUP_RETURN_REGISTER;
+                fixup = FIXUP_RETURN_REGISTER;
                 break;
         case 0x47:      /* bc   */
         case 0x46:      /* bct  */
         case 0x86:      /* bxh  */
         case 0x87:      /* bxle */
-                ainsn->fixup = FIXUP_BRANCH_NOT_TAKEN;
+                fixup = FIXUP_BRANCH_NOT_TAKEN;
                 break;
         case 0x82:      /* lpsw */
-                ainsn->fixup = FIXUP_NOT_REQUIRED;
+                fixup = FIXUP_NOT_REQUIRED;
                 break;
         case 0xb2:      /* lpswe */
-                if (*(((__u8 *) ainsn->insn) + 1) == 0xb2) {
-                        ainsn->fixup = FIXUP_NOT_REQUIRED;
-                }
+                if ((insn[0] & 0xff) == 0xb2)
+                        fixup = FIXUP_NOT_REQUIRED;
                 break;
         case 0xa7:      /* bras */
-                if ((*ainsn->insn & 0x0f) == 0x05) {
-                        ainsn->fixup |= FIXUP_RETURN_REGISTER;
-                }
+                if ((insn[0] & 0x0f) == 0x05)
+                        fixup |= FIXUP_RETURN_REGISTER;
                 break;
         case 0xc0:
-                if ((*ainsn->insn & 0x0f) == 0x00  /* larl  */
-                        || (*ainsn->insn & 0x0f) == 0x05) /* brasl */
-                ainsn->fixup |= FIXUP_RETURN_REGISTER;
+                if ((insn[0] & 0x0f) == 0x00 || /* larl  */
+                    (insn[0] & 0x0f) == 0x05)   /* brasl */
+                fixup |= FIXUP_RETURN_REGISTER;
                 break;
         case 0xeb:
-                if (*(((__u8 *) ainsn->insn) + 5 ) == 0x44 ||   /* bxhg  */
-                        *(((__u8 *) ainsn->insn) + 5) == 0x45) {/* bxleg */
-                        ainsn->fixup = FIXUP_BRANCH_NOT_TAKEN;
-                }
+                if ((insn[2] & 0xff) == 0x44 || /* bxhg  */
+                    (insn[2] & 0xff) == 0x45)   /* bxleg */
+                        fixup = FIXUP_BRANCH_NOT_TAKEN;
                 break;
         case 0xe3:      /* bctg */
-                if (*(((__u8 *) ainsn->insn) + 5) == 0x46) {
-                        ainsn->fixup = FIXUP_BRANCH_NOT_TAKEN;
-                }
+                if ((insn[2] & 0xff) == 0x46)
+                        fixup = FIXUP_BRANCH_NOT_TAKEN;
                 break;
         }
+        return fixup;
 }
 
+int __kprobes arch_prepare_kprobe(struct kprobe *p)
+{
+        if ((unsigned long) p->addr & 0x01)
+                return -EINVAL;
+
+        /* Make sure the probe isn't going on a difficult instruction */
+        if (is_prohibited_opcode(p->addr))
+                return -EINVAL;
+
+        p->opcode = *p->addr;
+        memcpy(p->ainsn.insn, p->addr, ((p->opcode >> 14) + 3) & -2);
+
+        return 0;
+}
+
+struct ins_replace_args {
+        kprobe_opcode_t *ptr;
+        kprobe_opcode_t opcode;
+};
+
 static int __kprobes swap_instruction(void *aref)
 {
         struct kprobe_ctlblk *kcb = get_kprobe_ctlblk();
         unsigned long status = kcb->kprobe_status;
         struct ins_replace_args *args = aref;
-        int rc;
 
         kcb->kprobe_status = KPROBE_SWAP_INST;
-        rc = probe_kernel_write(args->ptr, &args->new, sizeof(args->new));
+        probe_kernel_write(args->ptr, &args->opcode, sizeof(args->opcode));
         kcb->kprobe_status = status;
-        return rc;
+        return 0;
 }
 
 void __kprobes arch_arm_kprobe(struct kprobe *p)
@@ -174,8 +154,7 @@ void __kprobes arch_arm_kprobe(struct kprobe *p)
         struct ins_replace_args args;
 
         args.ptr = p->addr;
-        args.old = p->opcode;
-        args.new = BREAKPOINT_INSTRUCTION;
+        args.opcode = BREAKPOINT_INSTRUCTION;
         stop_machine(swap_instruction, &args, NULL);
 }
 
@@ -184,64 +163,69 @@ void __kprobes arch_disarm_kprobe(struct kprobe *p)
         struct ins_replace_args args;
 
         args.ptr = p->addr;
-        args.old = BREAKPOINT_INSTRUCTION;
-        args.new = p->opcode;
+        args.opcode = p->opcode;
         stop_machine(swap_instruction, &args, NULL);
 }
 
 void __kprobes arch_remove_kprobe(struct kprobe *p)
 {
-        if (p->ainsn.insn) {
-                free_insn_slot(p->ainsn.insn, 0);
-                p->ainsn.insn = NULL;
-        }
 }
 
-static void __kprobes prepare_singlestep(struct kprobe *p, struct pt_regs *regs)
+static void __kprobes enable_singlestep(struct kprobe_ctlblk *kcb,
+                                        struct pt_regs *regs,
+                                        unsigned long ip)
 {
-        per_cr_bits kprobe_per_regs[1];
+        struct per_regs per_kprobe;
 
-        memset(kprobe_per_regs, 0, sizeof(per_cr_bits));
-        regs->psw.addr = (unsigned long)p->ainsn.insn | PSW_ADDR_AMODE;
+        /* Set up the PER control registers %cr9-%cr11 */
+        per_kprobe.control = PER_EVENT_IFETCH;
+        per_kprobe.start = ip;
+        per_kprobe.end = ip;
 
-        /* Set up the per control reg info, will pass to lctl */
-        kprobe_per_regs[0].em_instruction_fetch = 1;
-        kprobe_per_regs[0].starting_addr = (unsigned long)p->ainsn.insn;
-        kprobe_per_regs[0].ending_addr = (unsigned long)p->ainsn.insn + 1;
+        /* Save control regs and psw mask */
+        __ctl_store(kcb->kprobe_saved_ctl, 9, 11);
+        kcb->kprobe_saved_imask = regs->psw.mask &
+                (PSW_MASK_PER | PSW_MASK_IO | PSW_MASK_EXT);
 
-        /* Set the PER control regs, turns on single step for this address */
-        __ctl_load(kprobe_per_regs, 9, 11);
+        /* Set PER control regs, turns on single step for the given address */
+        __ctl_load(per_kprobe, 9, 11);
         regs->psw.mask |= PSW_MASK_PER;
-        regs->psw.mask &= ~(PSW_MASK_IO | PSW_MASK_EXT | PSW_MASK_MCHECK);
+        regs->psw.mask &= ~(PSW_MASK_IO | PSW_MASK_EXT);
+        regs->psw.addr = ip | PSW_ADDR_AMODE;
 }
 
-static void __kprobes save_previous_kprobe(struct kprobe_ctlblk *kcb)
+static void __kprobes disable_singlestep(struct kprobe_ctlblk *kcb,
+                                         struct pt_regs *regs,
+                                         unsigned long ip)
 {
-        kcb->prev_kprobe.kp = kprobe_running();
-        kcb->prev_kprobe.status = kcb->kprobe_status;
-        kcb->prev_kprobe.kprobe_saved_imask = kcb->kprobe_saved_imask;
-        memcpy(kcb->prev_kprobe.kprobe_saved_ctl, kcb->kprobe_saved_ctl,
-                                        sizeof(kcb->kprobe_saved_ctl));
+        /* Restore control regs and psw mask, set new psw address */
+        __ctl_load(kcb->kprobe_saved_ctl, 9, 11);
+        regs->psw.mask &= ~PSW_MASK_PER;
+        regs->psw.mask |= kcb->kprobe_saved_imask;
+        regs->psw.addr = ip | PSW_ADDR_AMODE;
 }
 
-static void __kprobes restore_previous_kprobe(struct kprobe_ctlblk *kcb)
+/*
+ * Activate a kprobe by storing its pointer to current_kprobe. The
+ * previous kprobe is stored in kcb->prev_kprobe. A stack of up to
+ * two kprobes can be active, see KPROBE_REENTER.
+ */
+static void __kprobes push_kprobe(struct kprobe_ctlblk *kcb, struct kprobe *p)
 {
-        __get_cpu_var(current_kprobe) = kcb->prev_kprobe.kp;
-        kcb->kprobe_status = kcb->prev_kprobe.status;
-        kcb->kprobe_saved_imask = kcb->prev_kprobe.kprobe_saved_imask;
-        memcpy(kcb->kprobe_saved_ctl, kcb->prev_kprobe.kprobe_saved_ctl,
-                                        sizeof(kcb->kprobe_saved_ctl));
+        kcb->prev_kprobe.kp = __get_cpu_var(current_kprobe);
+        kcb->prev_kprobe.status = kcb->kprobe_status;
+        __get_cpu_var(current_kprobe) = p;
 }
 
-static void __kprobes set_current_kprobe(struct kprobe *p, struct pt_regs *regs,
-                                                struct kprobe_ctlblk *kcb)
+/*
+ * Deactivate a kprobe by backing up to the previous state. If the
+ * current state is KPROBE_REENTER prev_kprobe.kp will be non-NULL,
+ * for any other state prev_kprobe.kp will be NULL.
+ */
+static void __kprobes pop_kprobe(struct kprobe_ctlblk *kcb)
 {
-        __get_cpu_var(current_kprobe) = p;
-        /* Save the interrupt and per flags */
-        kcb->kprobe_saved_imask = regs->psw.mask &
-            (PSW_MASK_PER | PSW_MASK_IO | PSW_MASK_EXT | PSW_MASK_MCHECK);
-        /* Save the control regs that govern PER */
-        __ctl_store(kcb->kprobe_saved_ctl, 9, 11);
+        __get_cpu_var(current_kprobe) = kcb->prev_kprobe.kp;
+        kcb->kprobe_status = kcb->prev_kprobe.status;
 }
 
 void __kprobes arch_prepare_kretprobe(struct kretprobe_instance *ri,
@@ -250,79 +234,104 @@ void __kprobes arch_prepare_kretprobe(struct kretprobe_instance *ri,
         ri->ret_addr = (kprobe_opcode_t *) regs->gprs[14];
 
         /* Replace the return addr with trampoline addr */
-        regs->gprs[14] = (unsigned long)&kretprobe_trampoline;
+        regs->gprs[14] = (unsigned long) &kretprobe_trampoline;
+}
+
+static void __kprobes kprobe_reenter_check(struct kprobe_ctlblk *kcb,
+                                           struct kprobe *p)
+{
+        switch (kcb->kprobe_status) {
+        case KPROBE_HIT_SSDONE:
+        case KPROBE_HIT_ACTIVE:
+                kprobes_inc_nmissed_count(p);
+                break;
+        case KPROBE_HIT_SS:
+        case KPROBE_REENTER:
+        default:
+                /*
+                 * A kprobe on the code path to single step an instruction
+                 * is a BUG. The code path resides in the .kprobes.text
+                 * section and is executed with interrupts disabled.
+                 */
+                printk(KERN_EMERG "Invalid kprobe detected at %p.\n", p->addr);
+                dump_kprobe(p);
+                BUG();
+        }
 }
 
 static int __kprobes kprobe_handler(struct pt_regs *regs)
 {
-        struct kprobe *p;
-        int ret = 0;
-        unsigned long *addr = (unsigned long *)
-                ((regs->psw.addr & PSW_ADDR_INSN) - 2);
         struct kprobe_ctlblk *kcb;
+        struct kprobe *p;
 
         /*
-         * We don't want to be preempted for the entire
-         * duration of kprobe processing
+         * We want to disable preemption for the entire duration of kprobe
+         * processing. That includes the calls to the pre/post handlers
+         * and single stepping the kprobe instruction.
          */
         preempt_disable();
         kcb = get_kprobe_ctlblk();
+        p = get_kprobe((void *)((regs->psw.addr & PSW_ADDR_INSN) - 2));
 
-        /* Check we're not actually recursing */
-        if (kprobe_running()) {
-                p = get_kprobe(addr);
-                if (p) {
-                        if (kcb->kprobe_status == KPROBE_HIT_SS &&
-                            *p->ainsn.insn == BREAKPOINT_INSTRUCTION) {
-                                regs->psw.mask &= ~PSW_MASK_PER;
-                                regs->psw.mask |= kcb->kprobe_saved_imask;
-                                goto no_kprobe;
-                        }
-                        /* We have reentered the kprobe_handler(), since
-                         * another probe was hit while within the handler.
-                         * We here save the original kprobes variables and
-                         * just single step on the instruction of the new probe
-                         * without calling any user handlers.
+        if (p) {
+                if (kprobe_running()) {
+                        /*
+                         * We have hit a kprobe while another is still
+                         * active. This can happen in the pre and post
+                         * handler. Single step the instruction of the
+                         * new probe but do not call any handler function
+                         * of this secondary kprobe.
+                         * push_kprobe and pop_kprobe saves and restores
+                         * the currently active kprobe.
                          */
-                        save_previous_kprobe(kcb);
-                        set_current_kprobe(p, regs, kcb);
-                        kprobes_inc_nmissed_count(p);
-                        prepare_singlestep(p, regs);
+                        kprobe_reenter_check(kcb, p);
+                        push_kprobe(kcb, p);
                         kcb->kprobe_status = KPROBE_REENTER;
-                        return 1;
                 } else {
-                        p = __get_cpu_var(current_kprobe);
-                        if (p->break_handler && p->break_handler(p, regs)) {
-                                goto ss_probe;
-                        }
+                        /*
+                         * If we have no pre-handler or it returned 0, we
+                         * continue with single stepping. If we have a
+                         * pre-handler and it returned non-zero, it prepped
+                         * for calling the break_handler below on re-entry
+                         * for jprobe processing, so get out doing nothing
+                         * more here.
+                         */
+                        push_kprobe(kcb, p);
+                        kcb->kprobe_status = KPROBE_HIT_ACTIVE;
+                        if (p->pre_handler && p->pre_handler(p, regs))
+                                return 1;
+                        kcb->kprobe_status = KPROBE_HIT_SS;
                 }
-                goto no_kprobe;
-        }
-
-        p = get_kprobe(addr);
-        if (!p)
-                /*
-                 * No kprobe at this address. The fault has not been
-                 * caused by a kprobe breakpoint. The race of breakpoint
-                 * vs. kprobe remove does not exist because on s390 we
-                 * use stop_machine to arm/disarm the breakpoints.
-                 */
-                goto no_kprobe;
-
-        kcb->kprobe_status = KPROBE_HIT_ACTIVE;
-        set_current_kprobe(p, regs, kcb);
-        if (p->pre_handler && p->pre_handler(p, regs))
-                /* handler has already set things up, so skip ss setup */
+                enable_singlestep(kcb, regs, (unsigned long) p->ainsn.insn);
                 return 1;
-
-ss_probe:
-        prepare_singlestep(p, regs);
-        kcb->kprobe_status = KPROBE_HIT_SS;
-        return 1;
-
-no_kprobe:
+        } else if (kprobe_running()) {
+                p = __get_cpu_var(current_kprobe);
+                if (p->break_handler && p->break_handler(p, regs)) {
+                        /*
+                         * Continuation after the jprobe completed and
+                         * caused the jprobe_return trap. The jprobe
+                         * break_handler "returns" to the original
+                         * function that still has the kprobe breakpoint
+                         * installed. We continue with single stepping.
+                         */
+                        kcb->kprobe_status = KPROBE_HIT_SS;
+                        enable_singlestep(kcb, regs,
+                                          (unsigned long) p->ainsn.insn);
+                        return 1;
+                } /* else:
+                   * No kprobe at this address and the current kprobe
+                   * has no break handler (no jprobe!). The kernel just
+                   * exploded, let the standard trap handler pick up the
+                   * pieces.
+                   */
+        } /* else:
+           * No kprobe at this address and no active kprobe. The trap has
+           * not been caused by a kprobe breakpoint. The race of breakpoint
+           * vs. kprobe remove does not exist because on s390 as we use
+           * stop_machine to arm/disarm the breakpoints.
+           */
         preempt_enable_no_resched();
-        return ret;
+        return 0;
 }
 
 /*
@@ -343,11 +352,12 @@ static void __used kretprobe_trampoline_holder(void)
 static int __kprobes trampoline_probe_handler(struct kprobe *p,
                                               struct pt_regs *regs)
 {
-        struct kretprobe_instance *ri = NULL;
+        struct kretprobe_instance *ri;
         struct hlist_head *head, empty_rp;
         struct hlist_node *node, *tmp;
-        unsigned long flags, orig_ret_address = 0;
-        unsigned long trampoline_address = (unsigned long)&kretprobe_trampoline;
+        unsigned long flags, orig_ret_address;
+        unsigned long trampoline_address;
+        kprobe_opcode_t *correct_ret_addr;
 
         INIT_HLIST_HEAD(&empty_rp);
         kretprobe_hash_lock(current, &head, &flags);
@@ -365,30 +375,55 @@ static int __kprobes trampoline_probe_handler(struct kprobe *p,
          *       real return address, and all the rest will point to
          *       kretprobe_trampoline
          */
+        ri = NULL;
+        orig_ret_address = 0;
+        correct_ret_addr = NULL;
+        trampoline_address = (unsigned long) &kretprobe_trampoline;
         hlist_for_each_entry_safe(ri, node, tmp, head, hlist) {
                 if (ri->task != current)
                         /* another task is sharing our hash bucket */
                         continue;
 
-                if (ri->rp && ri->rp->handler)
+                orig_ret_address = (unsigned long) ri->ret_addr;
+
+                if (orig_ret_address != trampoline_address)
+                        /*
+                         * This is the real return address. Any other
+                         * instances associated with this task are for
+                         * other calls deeper on the call stack
+                         */
+                        break;
+        }
+
+        kretprobe_assert(ri, orig_ret_address, trampoline_address);
+
+        correct_ret_addr = ri->ret_addr;
+        hlist_for_each_entry_safe(ri, node, tmp, head, hlist) {
+                if (ri->task != current)
+                        /* another task is sharing our hash bucket */
+                        continue;
+
+                orig_ret_address = (unsigned long) ri->ret_addr;
+
+                if (ri->rp && ri->rp->handler) {
+                        ri->ret_addr = correct_ret_addr;
                         ri->rp->handler(ri, regs);
+                }
 
-                orig_ret_address = (unsigned long)ri->ret_addr;
                 recycle_rp_inst(ri, &empty_rp);
 
-                if (orig_ret_address != trampoline_address) {
+                if (orig_ret_address != trampoline_address)
                         /*
                          * This is the real return address. Any other
                          * instances associated with this task are for
                          * other calls deeper on the call stack
                          */
                         break;
-                }
         }
-        kretprobe_assert(ri, orig_ret_address, trampoline_address);
+
         regs->psw.addr = orig_ret_address | PSW_ADDR_AMODE;
 
-        reset_current_kprobe();
+        pop_kprobe(get_kprobe_ctlblk());
         kretprobe_hash_unlock(current, &flags);
         preempt_enable_no_resched();
 
@@ -415,55 +450,42 @@ static int __kprobes trampoline_probe_handler(struct kprobe *p,
 static void __kprobes resume_execution(struct kprobe *p, struct pt_regs *regs)
 {
         struct kprobe_ctlblk *kcb = get_kprobe_ctlblk();
+        unsigned long ip = regs->psw.addr & PSW_ADDR_INSN;
+        int fixup = get_fixup_type(p->ainsn.insn);
 
-        regs->psw.addr &= PSW_ADDR_INSN;
-
-        if (p->ainsn.fixup & FIXUP_PSW_NORMAL)
-                regs->psw.addr = (unsigned long)p->addr +
-                                ((unsigned long)regs->psw.addr -
-                                 (unsigned long)p->ainsn.insn);
+        if (fixup & FIXUP_PSW_NORMAL)
+                ip += (unsigned long) p->addr - (unsigned long) p->ainsn.insn;
 
-        if (p->ainsn.fixup & FIXUP_BRANCH_NOT_TAKEN)
-                if ((unsigned long)regs->psw.addr -
-                    (unsigned long)p->ainsn.insn == p->ainsn.ilen)
-                        regs->psw.addr = (unsigned long)p->addr + p->ainsn.ilen;
+        if (fixup & FIXUP_BRANCH_NOT_TAKEN) {
+                int ilen = ((p->ainsn.insn[0] >> 14) + 3) & -2;
+                if (ip - (unsigned long) p->ainsn.insn == ilen)
+                        ip = (unsigned long) p->addr + ilen;
+        }
 
-        if (p->ainsn.fixup & FIXUP_RETURN_REGISTER)
-                regs->gprs[p->ainsn.reg] = ((unsigned long)p->addr +
-                                                (regs->gprs[p->ainsn.reg] -
-                                                (unsigned long)p->ainsn.insn))
-                                                | PSW_ADDR_AMODE;
+        if (fixup & FIXUP_RETURN_REGISTER) {
+                int reg = (p->ainsn.insn[0] & 0xf0) >> 4;
+                regs->gprs[reg] += (unsigned long) p->addr -
+                                   (unsigned long) p->ainsn.insn;
+        }
 
-        regs->psw.addr |= PSW_ADDR_AMODE;
-        /* turn off PER mode */
-        regs->psw.mask &= ~PSW_MASK_PER;
-        /* Restore the original per control regs */
-        __ctl_load(kcb->kprobe_saved_ctl, 9, 11);
-        regs->psw.mask |= kcb->kprobe_saved_imask;
+        disable_singlestep(kcb, regs, ip);
 }
 
 static int __kprobes post_kprobe_handler(struct pt_regs *regs)
 {
-        struct kprobe *cur = kprobe_running();
         struct kprobe_ctlblk *kcb = get_kprobe_ctlblk();
+        struct kprobe *p = kprobe_running();
 
-        if (!cur)
+        if (!p)
                 return 0;
 
-        if ((kcb->kprobe_status != KPROBE_REENTER) && cur->post_handler) {
+        if (kcb->kprobe_status != KPROBE_REENTER && p->post_handler) {
                 kcb->kprobe_status = KPROBE_HIT_SSDONE;
-                cur->post_handler(cur, regs, 0);
+                p->post_handler(p, regs, 0);
         }
 
-        resume_execution(cur, regs);
-
-        /*Restore back the original saved kprobes variables and continue. */
-        if (kcb->kprobe_status == KPROBE_REENTER) {
-                restore_previous_kprobe(kcb);
-                goto out;
-        }
-        reset_current_kprobe();
-out:
+        resume_execution(p, regs);
+        pop_kprobe(kcb);
         preempt_enable_no_resched();
 
         /*
@@ -471,17 +493,16 @@ out:
          * will have PER set, in which case, continue the remaining processing
          * of do_single_step, as if this is not a probe hit.
          */
-        if (regs->psw.mask & PSW_MASK_PER) {
+        if (regs->psw.mask & PSW_MASK_PER)
                 return 0;
-        }
 
         return 1;
 }
 
-int __kprobes kprobe_fault_handler(struct pt_regs *regs, int trapnr)
+static int __kprobes kprobe_trap_handler(struct pt_regs *regs, int trapnr)
 {
-        struct kprobe *cur = kprobe_running();
         struct kprobe_ctlblk *kcb = get_kprobe_ctlblk();
+        struct kprobe *p = kprobe_running();
         const struct exception_table_entry *entry;
 
         switch(kcb->kprobe_status) {
@@ -497,13 +518,8 @@ int __kprobes kprobe_fault_handler(struct pt_regs *regs, int trapnr)
                  * and allow the page fault handler to continue as a
                  * normal page fault.
                  */
-                regs->psw.addr = (unsigned long)cur->addr | PSW_ADDR_AMODE;
-                regs->psw.mask &= ~PSW_MASK_PER;
-                regs->psw.mask |= kcb->kprobe_saved_imask;
-                if (kcb->kprobe_status == KPROBE_REENTER)
-                        restore_previous_kprobe(kcb);
-                else
-                        reset_current_kprobe();
+                disable_singlestep(kcb, regs, (unsigned long) p->addr);
+                pop_kprobe(kcb);
                 preempt_enable_no_resched();
                 break;
         case KPROBE_HIT_ACTIVE:
@@ -513,7 +529,7 @@ int __kprobes kprobe_fault_handler(struct pt_regs *regs, int trapnr)
                  * we can also use npre/npostfault count for accouting
                  * these specific fault cases.
                  */
-                kprobes_inc_nmissed_count(cur);
+                kprobes_inc_nmissed_count(p);
 
                 /*
                  * We come here because instructions in the pre/post
@@ -522,7 +538,7 @@ int __kprobes kprobe_fault_handler(struct pt_regs *regs, int trapnr)
                  * copy_from_user(), get_user() etc. Let the
                  * user-specified handler try to fix it first.
                  */
-                if (cur->fault_handler && cur->fault_handler(cur, regs, trapnr))
+                if (p->fault_handler && p->fault_handler(p, regs, trapnr))
                         return 1;
 
                 /*
@@ -546,57 +562,71 @@ int __kprobes kprobe_fault_handler(struct pt_regs *regs, int trapnr)
         return 0;
 }
 
+int __kprobes kprobe_fault_handler(struct pt_regs *regs, int trapnr)
+{
+        int ret;
+
+        if (regs->psw.mask & (PSW_MASK_IO | PSW_MASK_EXT))
+                local_irq_disable();
+        ret = kprobe_trap_handler(regs, trapnr);
+        if (regs->psw.mask & (PSW_MASK_IO | PSW_MASK_EXT))
+                local_irq_restore(regs->psw.mask & ~PSW_MASK_PER);
+        return ret;
+}
+
 /*
  * Wrapper routine to for handling exceptions.
  */
 int __kprobes kprobe_exceptions_notify(struct notifier_block *self,
                                        unsigned long val, void *data)
 {
-        struct die_args *args = (struct die_args *)data;
+        struct die_args *args = (struct die_args *) data;
+        struct pt_regs *regs = args->regs;
         int ret = NOTIFY_DONE;
 
+        if (regs->psw.mask & (PSW_MASK_IO | PSW_MASK_EXT))
+                local_irq_disable();
+
         switch (val) {
         case DIE_BPT:
-                if (kprobe_handler(args->regs))
+                if (kprobe_handler(regs))
                         ret = NOTIFY_STOP;
                 break;
         case DIE_SSTEP:
-                if (post_kprobe_handler(args->regs))
+                if (post_kprobe_handler(regs))
                         ret = NOTIFY_STOP;
                 break;
         case DIE_TRAP:
-                /* kprobe_running() needs smp_processor_id() */
-                preempt_disable();
-                if (kprobe_running() &&
-                    kprobe_fault_handler(args->regs, args->trapnr))
+                if (!preemptible() && kprobe_running() &&
+                    kprobe_trap_handler(regs, args->trapnr))
                         ret = NOTIFY_STOP;
-                preempt_enable();
                 break;
         default:
                 break;
         }
+
+        if (regs->psw.mask & (PSW_MASK_IO | PSW_MASK_EXT))
+                local_irq_restore(regs->psw.mask & ~PSW_MASK_PER);
+
         return ret;
 }
 
 int __kprobes setjmp_pre_handler(struct kprobe *p, struct pt_regs *regs)
 {
         struct jprobe *jp = container_of(p, struct jprobe, kp);
-        unsigned long addr;
         struct kprobe_ctlblk *kcb = get_kprobe_ctlblk();
+        unsigned long stack;
 
         memcpy(&kcb->jprobe_saved_regs, regs, sizeof(struct pt_regs));
 
         /* setup return addr to the jprobe handler routine */
-        regs->psw.addr = (unsigned long)(jp->entry) | PSW_ADDR_AMODE;
+        regs->psw.addr = (unsigned long) jp->entry | PSW_ADDR_AMODE;
+        regs->psw.mask &= ~(PSW_MASK_IO | PSW_MASK_EXT);
 
-        /* r14 is the function return address */
-        kcb->jprobe_saved_r14 = (unsigned long)regs->gprs[14];
         /* r15 is the stack pointer */
-        kcb->jprobe_saved_r15 = (unsigned long)regs->gprs[15];
-        addr = (unsigned long)kcb->jprobe_saved_r15;
+        stack = (unsigned long) regs->gprs[15];
 
-        memcpy(kcb->jprobes_stack, (kprobe_opcode_t *) addr,
-               MIN_STACK_SIZE(addr));
+        memcpy(kcb->jprobes_stack, (void *) stack, MIN_STACK_SIZE(stack));
         return 1;
 }
 
@@ -613,30 +643,29 @@ void __kprobes jprobe_return_end(void)
 int __kprobes longjmp_break_handler(struct kprobe *p, struct pt_regs *regs)
 {
         struct kprobe_ctlblk *kcb = get_kprobe_ctlblk();
-        unsigned long stack_addr = (unsigned long)(kcb->jprobe_saved_r15);
+        unsigned long stack;
+
+        stack = (unsigned long) kcb->jprobe_saved_regs.gprs[15];
 
         /* Put the regs back */
         memcpy(regs, &kcb->jprobe_saved_regs, sizeof(struct pt_regs));
         /* put the stack back */
-        memcpy((kprobe_opcode_t *) stack_addr, kcb->jprobes_stack,
-               MIN_STACK_SIZE(stack_addr));
+        memcpy((void *) stack, kcb->jprobes_stack, MIN_STACK_SIZE(stack));
         preempt_enable_no_resched();
         return 1;
 }
 
-static struct kprobe trampoline_p = {
-        .addr = (kprobe_opcode_t *) & kretprobe_trampoline,
+static struct kprobe trampoline = {
+        .addr = (kprobe_opcode_t *) &kretprobe_trampoline,
         .pre_handler = trampoline_probe_handler
 };
 
 int __init arch_init_kprobes(void)
 {
-        return register_kprobe(&trampoline_p);
+        return register_kprobe(&trampoline);
 }
 
 int __kprobes arch_trampoline_kprobe(struct kprobe *p)
 {
-        if (p->addr == (kprobe_opcode_t *) & kretprobe_trampoline)
-                return 1;
-        return 0;
+        return p->addr == (kprobe_opcode_t *) &kretprobe_trampoline;
 }
diff --git a/arch/s390/kernel/machine_kexec.c b/arch/s390/kernel/machine_kexec.c
index a922d51df6bf..b09b9c62573e 100644
--- a/arch/s390/kernel/machine_kexec.c
+++ b/arch/s390/kernel/machine_kexec.c
@@ -12,6 +12,7 @@
 #include <linux/kexec.h>
 #include <linux/delay.h>
 #include <linux/reboot.h>
+#include <linux/ftrace.h>
 #include <asm/cio.h>
 #include <asm/setup.h>
 #include <asm/pgtable.h>
@@ -71,6 +72,7 @@ static void __machine_kexec(void *data)
 
 void machine_kexec(struct kimage *image)
 {
+        tracer_disable();
         smp_send_stop();
         smp_switch_to_ipl_cpu(__machine_kexec, image);
 }
diff --git a/arch/s390/kernel/mcount.S b/arch/s390/kernel/mcount.S
index dfe015d7398c..1e6a55795628 100644
--- a/arch/s390/kernel/mcount.S
+++ b/arch/s390/kernel/mcount.S
@@ -7,6 +7,8 @@
 
 #include <asm/asm-offsets.h>
 
+        .section .kprobes.text, "ax"
+
         .globl ftrace_stub
 ftrace_stub:
         br      %r14
@@ -16,22 +18,12 @@ _mcount:
 #ifdef CONFIG_DYNAMIC_FTRACE
         br      %r14
 
-        .data
-        .globl  ftrace_dyn_func
-ftrace_dyn_func:
-        .long   ftrace_stub
-        .previous
-
         .globl ftrace_caller
 ftrace_caller:
 #endif
         stm     %r2,%r5,16(%r15)
         bras    %r1,2f
-#ifdef CONFIG_DYNAMIC_FTRACE
-0:      .long   ftrace_dyn_func
-#else
 0:      .long   ftrace_trace_function
-#endif
 1:      .long   function_trace_stop
 2:      l       %r2,1b-0b(%r1)
         icm     %r2,0xf,0(%r2)
@@ -47,21 +39,15 @@ ftrace_caller:
         l       %r14,0(%r14)
         basr    %r14,%r14
 #ifdef CONFIG_FUNCTION_GRAPH_TRACER
-#ifdef CONFIG_DYNAMIC_FTRACE
+        l       %r2,100(%r15)
+        l       %r3,152(%r15)
         .globl  ftrace_graph_caller
 ftrace_graph_caller:
-        # This unconditional branch gets runtime patched. Change only if
-        # you know what you are doing. See ftrace_enable_graph_caller().
-        j       1f
-#endif
-        bras    %r1,0f
-        .long   prepare_ftrace_return
-0:      l       %r2,152(%r15)
-        l       %r4,0(%r1)
-        l       %r3,100(%r15)
-        basr    %r14,%r4
-        st      %r2,100(%r15)
-1:
+# The bras instruction gets runtime patched to call prepare_ftrace_return.
+# See ftrace_enable_ftrace_graph_caller. The patched instruction is:
+#       bras    %r14,prepare_ftrace_return
+        bras    %r14,0f
+0:      st      %r2,100(%r15)
 #endif
         ahi     %r15,96
         l       %r14,56(%r15)
diff --git a/arch/s390/kernel/mcount64.S b/arch/s390/kernel/mcount64.S
index c37211c6092b..e73667286ac0 100644
--- a/arch/s390/kernel/mcount64.S
+++ b/arch/s390/kernel/mcount64.S
@@ -7,6 +7,8 @@
 
 #include <asm/asm-offsets.h>
 
+        .section .kprobes.text, "ax"
+
         .globl ftrace_stub
 ftrace_stub:
         br      %r14
@@ -16,12 +18,6 @@ _mcount:
 #ifdef CONFIG_DYNAMIC_FTRACE
         br      %r14
 
-        .data
-        .globl  ftrace_dyn_func
-ftrace_dyn_func:
-        .quad   ftrace_stub
-        .previous
-
         .globl ftrace_caller
 ftrace_caller:
 #endif
@@ -35,26 +31,19 @@ ftrace_caller:
         stg     %r1,__SF_BACKCHAIN(%r15)
         lgr     %r2,%r14
         lg      %r3,168(%r15)
-#ifdef CONFIG_DYNAMIC_FTRACE
-        larl    %r14,ftrace_dyn_func
-#else
         larl    %r14,ftrace_trace_function
-#endif
         lg      %r14,0(%r14)
         basr    %r14,%r14
 #ifdef CONFIG_FUNCTION_GRAPH_TRACER
-#ifdef CONFIG_DYNAMIC_FTRACE
+        lg      %r2,168(%r15)
+        lg      %r3,272(%r15)
         .globl  ftrace_graph_caller
 ftrace_graph_caller:
-        # This unconditional branch gets runtime patched. Change only if
-        # you know what you are doing. See ftrace_enable_graph_caller().
-        j       0f
-#endif
-        lg      %r2,272(%r15)
-        lg      %r3,168(%r15)
-        brasl   %r14,prepare_ftrace_return
-        stg     %r2,168(%r15)
-0:
+# The bras instruction gets runtime patched to call prepare_ftrace_return.
+# See ftrace_enable_ftrace_graph_caller. The patched instruction is:
+#       bras    %r14,prepare_ftrace_return
+        bras    %r14,0f
+0:      stg     %r2,168(%r15)
 #endif
         aghi    %r15,160
         lmg     %r2,%r5,32(%r15)
diff --git a/arch/s390/kernel/mem_detect.c b/arch/s390/kernel/mem_detect.c
index 559af0d07878..0fbe4e32f7ba 100644
--- a/arch/s390/kernel/mem_detect.c
+++ b/arch/s390/kernel/mem_detect.c
@@ -54,11 +54,11 @@ void detect_memory_layout(struct mem_chunk chunk[])
          * right thing and we don't get scheduled away with low address
          * protection disabled.
          */
-        flags = __raw_local_irq_stnsm(0xf8);
+        flags = __arch_local_irq_stnsm(0xf8);
         __ctl_store(cr0, 0, 0);
         __ctl_clear_bit(0, 28);
         find_memory_chunks(chunk);
         __ctl_load(cr0, 0, 0);
-        __raw_local_irq_ssm(flags);
+        arch_local_irq_restore(flags);
 }
 EXPORT_SYMBOL(detect_memory_layout);
diff --git a/arch/s390/kernel/nmi.c b/arch/s390/kernel/nmi.c
index ac151399ef34..fab88431a06f 100644
--- a/arch/s390/kernel/nmi.c
+++ b/arch/s390/kernel/nmi.c
@@ -8,6 +8,7 @@
  *               Heiko Carstens <heiko.carstens@de.ibm.com>,
  */
 
+#include <linux/kernel_stat.h>
 #include <linux/init.h>
 #include <linux/errno.h>
 #include <linux/hardirq.h>
@@ -95,7 +96,6 @@ EXPORT_SYMBOL_GPL(s390_handle_mcck);
 static int notrace s390_revalidate_registers(struct mci *mci)
 {
         int kill_task;
-        u64 tmpclock;
         u64 zero;
         void *fpt_save_area, *fpt_creg_save_area;
 
@@ -214,11 +214,10 @@ static int notrace s390_revalidate_registers(struct mci *mci)
                         : "0", "cc");
 #endif
         /* Revalidate clock comparator register */
-        asm volatile(
-                "       stck    0(%1)\n"
-                "       sckc    0(%1)"
-                : "=m" (tmpclock) : "a" (&(tmpclock)) : "cc", "memory");
-
+        if (S390_lowcore.clock_comparator == -1)
+                set_clock_comparator(S390_lowcore.mcck_clock);
+        else
+                set_clock_comparator(S390_lowcore.clock_comparator);
         /* Check if old PSW is valid */
         if (!mci->wp)
                 /*
@@ -257,7 +256,7 @@ void notrace s390_do_machine_check(struct pt_regs *regs)
         nmi_enter();
         s390_idle_check(regs, S390_lowcore.mcck_clock,
                         S390_lowcore.mcck_enter_timer);
-
+        kstat_cpu(smp_processor_id()).irqs[NMI_NMI]++;
         mci = (struct mci *) &S390_lowcore.mcck_interruption_code;
         mcck = &__get_cpu_var(cpu_mcck);
         umode = user_mode(regs);
diff --git a/arch/s390/kernel/process.c b/arch/s390/kernel/process.c
index d3a2d1c6438e..541a7509faeb 100644
--- a/arch/s390/kernel/process.c
+++ b/arch/s390/kernel/process.c
@@ -9,38 +9,27 @@
 
 #include <linux/compiler.h>
 #include <linux/cpu.h>
-#include <linux/errno.h>
 #include <linux/sched.h>
 #include <linux/kernel.h>
 #include <linux/mm.h>
-#include <linux/fs.h>
 #include <linux/smp.h>
-#include <linux/stddef.h>
 #include <linux/slab.h>
-#include <linux/unistd.h>
-#include <linux/ptrace.h>
-#include <linux/vmalloc.h>
-#include <linux/user.h>
 #include <linux/interrupt.h>
-#include <linux/delay.h>
-#include <linux/reboot.h>
-#include <linux/init.h>
-#include <linux/module.h>
-#include <linux/notifier.h>
 #include <linux/tick.h>
-#include <linux/elfcore.h>
-#include <linux/kernel_stat.h>
+#include <linux/personality.h>
 #include <linux/syscalls.h>
 #include <linux/compat.h>
-#include <asm/compat.h>
-#include <asm/uaccess.h>
-#include <asm/pgtable.h>
+#include <linux/kprobes.h>
+#include <linux/random.h>
+#include <linux/module.h>
 #include <asm/system.h>
 #include <asm/io.h>
 #include <asm/processor.h>
 #include <asm/irq.h>
 #include <asm/timer.h>
 #include <asm/nmi.h>
+#include <asm/compat.h>
+#include <asm/smp.h>
 #include "entry.h"
 
 asmlinkage void ret_from_fork(void) asm ("ret_from_fork");
@@ -75,18 +64,13 @@ unsigned long thread_saved_pc(struct task_struct *tsk)
  */
 static void default_idle(void)
 {
-        /* CPU is going idle. */
+        if (cpu_is_offline(smp_processor_id()))
+                cpu_die();
         local_irq_disable();
         if (need_resched()) {
                 local_irq_enable();
                 return;
         }
-#ifdef CONFIG_HOTPLUG_CPU
-        if (cpu_is_offline(smp_processor_id())) {
-                preempt_enable_no_resched();
-                cpu_die();
-        }
-#endif
         local_mcck_disable();
         if (test_thread_flag(TIF_MCCK_PENDING)) {
                 local_mcck_enable();
@@ -116,15 +100,17 @@ void cpu_idle(void)
         }
 }
 
-extern void kernel_thread_starter(void);
+extern void __kprobes kernel_thread_starter(void);
 
 asm(
-        ".align 4\n"
+        ".section .kprobes.text, \"ax\"\n"
+        ".global kernel_thread_starter\n"
         "kernel_thread_starter:\n"
         "    la    2,0(10)\n"
         "    basr  14,9\n"
         "    la    2,0\n"
-        "    br    11\n");
+        "    br    11\n"
+        ".previous\n");
 
 int kernel_thread(int (*fn)(void *), void * arg, unsigned long flags)
 {
@@ -214,8 +200,10 @@ int copy_thread(unsigned long clone_flags, unsigned long new_stackp,
         /* start new process with ar4 pointing to the correct address space */
         p->thread.mm_segment = get_fs();
         /* Don't copy debug registers */
-        memset(&p->thread.per_info, 0, sizeof(p->thread.per_info));
+        memset(&p->thread.per_user, 0, sizeof(p->thread.per_user));
+        memset(&p->thread.per_event, 0, sizeof(p->thread.per_event));
         clear_tsk_thread_flag(p, TIF_SINGLE_STEP);
+        clear_tsk_thread_flag(p, TIF_PER_TRAP);
         /* Initialize per thread user and system timer values */
         ti = task_thread_info(p);
         ti->user_timer = 0;
@@ -331,3 +319,39 @@ unsigned long get_wchan(struct task_struct *p)
         }
         return 0;
 }
+
+unsigned long arch_align_stack(unsigned long sp)
+{
+        if (!(current->personality & ADDR_NO_RANDOMIZE) && randomize_va_space)
+                sp -= get_random_int() & ~PAGE_MASK;
+        return sp & ~0xf;
+}
+
+static inline unsigned long brk_rnd(void)
+{
+        /* 8MB for 32bit, 1GB for 64bit */
+        if (is_32bit_task())
+                return (get_random_int() & 0x7ffUL) << PAGE_SHIFT;
+        else
+                return (get_random_int() & 0x3ffffUL) << PAGE_SHIFT;
+}
+
+unsigned long arch_randomize_brk(struct mm_struct *mm)
+{
+        unsigned long ret = PAGE_ALIGN(mm->brk + brk_rnd());
+
+        if (ret < mm->brk)
+                return mm->brk;
+        return ret;
+}
+
+unsigned long randomize_et_dyn(unsigned long base)
+{
+        unsigned long ret = PAGE_ALIGN(base + brk_rnd());
+
+        if (!(current->flags & PF_RANDOMIZE))
+                return base;
+        if (ret < base)
+                return base;
+        return ret;
+}
diff --git a/arch/s390/kernel/processor.c b/arch/s390/kernel/processor.c
index ecb2d02b02e4..311e9d712888 100644
--- a/arch/s390/kernel/processor.c
+++ b/arch/s390/kernel/processor.c
@@ -13,7 +13,7 @@
 #include <linux/smp.h>
 #include <linux/seq_file.h>
 #include <linux/delay.h>
-
+#include <linux/cpu.h>
 #include <asm/elf.h>
 #include <asm/lowcore.h>
 #include <asm/param.h>
@@ -35,17 +35,6 @@ void __cpuinit cpu_init(void)
 }
 
 /*
- * print_cpu_info - print basic information about a cpu
- */
-void __cpuinit print_cpu_info(void)
-{
-        struct cpuid *id = &per_cpu(cpu_id, smp_processor_id());
-
-        pr_info("Processor %d started, address %d, identification %06X\n",
-                S390_lowcore.cpu_nr, S390_lowcore.cpu_addr, id->ident);
-}
-
-/*
  * show_cpuinfo - Get information on one CPU for use by procfs.
  */
 static int show_cpuinfo(struct seq_file *m, void *v)
@@ -57,9 +46,8 @@ static int show_cpuinfo(struct seq_file *m, void *v)
         unsigned long n = (unsigned long) v - 1;
         int i;
 
-        s390_adjust_jiffies();
-        preempt_disable();
         if (!n) {
+                s390_adjust_jiffies();
                 seq_printf(m, "vendor_id       : IBM/S390\n"
                            "# processors    : %i\n"
                            "bogomips per cpu: %lu.%02lu\n",
@@ -71,7 +59,7 @@ static int show_cpuinfo(struct seq_file *m, void *v)
                                 seq_printf(m, "%s ", hwcap_str[i]);
                 seq_puts(m, "\n");
         }
-
+        get_online_cpus();
         if (cpu_online(n)) {
                 struct cpuid *id = &per_cpu(cpu_id, n);
                 seq_printf(m, "processor %li: "
@@ -80,7 +68,7 @@ static int show_cpuinfo(struct seq_file *m, void *v)
                            "machine = %04X\n",
                            n, id->version, id->ident, id->machine);
         }
-        preempt_enable();
+        put_online_cpus();
         return 0;
 }
 
diff --git a/arch/s390/kernel/ptrace.c b/arch/s390/kernel/ptrace.c
index 83339d33c4b1..ef86ad243986 100644
--- a/arch/s390/kernel/ptrace.c
+++ b/arch/s390/kernel/ptrace.c
@@ -1,25 +1,9 @@
 /*
- *  arch/s390/kernel/ptrace.c
+ *  Ptrace user space interface.
  *
- *  S390 version
- *    Copyright (C) 1999,2000 IBM Deutschland Entwicklung GmbH, IBM Corporation
- *    Author(s): Denis Joseph Barrow (djbarrow@de.ibm.com,barrow_dj@yahoo.com),
+ *    Copyright IBM Corp. 1999,2010
+ *    Author(s): Denis Joseph Barrow
  *               Martin Schwidefsky (schwidefsky@de.ibm.com)
- *
- *  Based on PowerPC version 
- *    Copyright (C) 1995-1996 Gary Thomas (gdt@linuxppc.org)
- *
- *  Derived from "arch/m68k/kernel/ptrace.c"
- *  Copyright (C) 1994 by Hamish Macdonald
- *  Taken from linux/kernel/ptrace.c and modified for M680x0.
- *  linux/kernel/ptrace.c is by Ross Biro 1/23/92, edited by Linus Torvalds
- *
- * Modified by Cort Dougan (cort@cs.nmt.edu) 
- *
- *
- * This file is subject to the terms and conditions of the GNU General
- * Public License.  See the file README.legal in the main directory of
- * this archive for more details.
  */
 
 #include <linux/kernel.h>
@@ -61,76 +45,58 @@ enum s390_regset {
         REGSET_GENERAL_EXTENDED,
 };
 
-static void
-FixPerRegisters(struct task_struct *task)
+void update_per_regs(struct task_struct *task)
 {
-        struct pt_regs *regs;
-        per_struct *per_info;
-        per_cr_words cr_words;
-
-        regs = task_pt_regs(task);
-        per_info = (per_struct *) &task->thread.per_info;
-        per_info->control_regs.bits.em_instruction_fetch =
-                per_info->single_step | per_info->instruction_fetch;
-        
-        if (per_info->single_step) {
-                per_info->control_regs.bits.starting_addr = 0;
-#ifdef CONFIG_COMPAT
-                if (is_compat_task())
-                        per_info->control_regs.bits.ending_addr = 0x7fffffffUL;
-                else
-#endif
-                        per_info->control_regs.bits.ending_addr = PSW_ADDR_INSN;
-        } else {
-                per_info->control_regs.bits.starting_addr =
-                        per_info->starting_addr;
-                per_info->control_regs.bits.ending_addr =
-                        per_info->ending_addr;
-        }
-        /*
-         * if any of the control reg tracing bits are on 
-         * we switch on per in the psw
-         */
-        if (per_info->control_regs.words.cr[0] & PER_EM_MASK)
-                regs->psw.mask |= PSW_MASK_PER;
-        else
+        static const struct per_regs per_single_step = {
+                .control = PER_EVENT_IFETCH,
+                .start = 0,
+                .end = PSW_ADDR_INSN,
+        };
+        struct pt_regs *regs = task_pt_regs(task);
+        struct thread_struct *thread = &task->thread;
+        const struct per_regs *new;
+        struct per_regs old;
+
+        /* TIF_SINGLE_STEP overrides the user specified PER registers. */
+        new = test_tsk_thread_flag(task, TIF_SINGLE_STEP) ?
+                &per_single_step : &thread->per_user;
+
+        /* Take care of the PER enablement bit in the PSW. */
+        if (!(new->control & PER_EVENT_MASK)) {
                 regs->psw.mask &= ~PSW_MASK_PER;
-
-        if (per_info->control_regs.bits.em_storage_alteration)
-                per_info->control_regs.bits.storage_alt_space_ctl = 1;
-        else
-                per_info->control_regs.bits.storage_alt_space_ctl = 0;
-
-        if (task == current) {
-                __ctl_store(cr_words, 9, 11);
-                if (memcmp(&cr_words, &per_info->control_regs.words,
-                           sizeof(cr_words)) != 0)
-                        __ctl_load(per_info->control_regs.words, 9, 11);
+                return;
         }
+        regs->psw.mask |= PSW_MASK_PER;
+        __ctl_store(old, 9, 11);
+        if (memcmp(new, &old, sizeof(struct per_regs)) != 0)
+                __ctl_load(*new, 9, 11);
 }
 
 void user_enable_single_step(struct task_struct *task)
 {
-        task->thread.per_info.single_step = 1;
-        FixPerRegisters(task);
+        set_tsk_thread_flag(task, TIF_SINGLE_STEP);
+        if (task == current)
+                update_per_regs(task);
 }
 
 void user_disable_single_step(struct task_struct *task)
 {
-        task->thread.per_info.single_step = 0;
-        FixPerRegisters(task);
+        clear_tsk_thread_flag(task, TIF_SINGLE_STEP);
+        if (task == current)
+                update_per_regs(task);
 }
 
 /*
  * Called by kernel/ptrace.c when detaching..
  *
- * Make sure single step bits etc are not set.
+ * Clear all debugging related fields.
  */
-void
-ptrace_disable(struct task_struct *child)
+void ptrace_disable(struct task_struct *task)
 {
-        /* make sure the single step bit is not set. */
-        user_disable_single_step(child);
+        memset(&task->thread.per_user, 0, sizeof(task->thread.per_user));
+        memset(&task->thread.per_event, 0, sizeof(task->thread.per_event));
+        clear_tsk_thread_flag(task, TIF_SINGLE_STEP);
+        clear_tsk_thread_flag(task, TIF_PER_TRAP);
 }
 
 #ifndef CONFIG_64BIT
@@ -139,6 +105,47 @@ ptrace_disable(struct task_struct *child)
 # define __ADDR_MASK 7
 #endif
 
+static inline unsigned long __peek_user_per(struct task_struct *child,
+                                            addr_t addr)
+{
+        struct per_struct_kernel *dummy = NULL;
+
+        if (addr == (addr_t) &dummy->cr9)
+                /* Control bits of the active per set. */
+                return test_thread_flag(TIF_SINGLE_STEP) ?
+                        PER_EVENT_IFETCH : child->thread.per_user.control;
+        else if (addr == (addr_t) &dummy->cr10)
+                /* Start address of the active per set. */
+                return test_thread_flag(TIF_SINGLE_STEP) ?
+                        0 : child->thread.per_user.start;
+        else if (addr == (addr_t) &dummy->cr11)
+                /* End address of the active per set. */
+                return test_thread_flag(TIF_SINGLE_STEP) ?
+                        PSW_ADDR_INSN : child->thread.per_user.end;
+        else if (addr == (addr_t) &dummy->bits)
+                /* Single-step bit. */
+                return test_thread_flag(TIF_SINGLE_STEP) ?
+                        (1UL << (BITS_PER_LONG - 1)) : 0;
+        else if (addr == (addr_t) &dummy->starting_addr)
+                /* Start address of the user specified per set. */
+                return child->thread.per_user.start;
+        else if (addr == (addr_t) &dummy->ending_addr)
+                /* End address of the user specified per set. */
+                return child->thread.per_user.end;
+        else if (addr == (addr_t) &dummy->perc_atmid)
+                /* PER code, ATMID and AI of the last PER trap */
+                return (unsigned long)
+                        child->thread.per_event.cause << (BITS_PER_LONG - 16);
+        else if (addr == (addr_t) &dummy->address)
+                /* Address of the last PER trap */
+                return child->thread.per_event.address;
+        else if (addr == (addr_t) &dummy->access_id)
+                /* Access id of the last PER trap */
+                return (unsigned long)
+                        child->thread.per_event.paid << (BITS_PER_LONG - 8);
+        return 0;
+}
+
 /*
  * Read the word at offset addr from the user area of a process. The
  * trouble here is that the information is littered over different
@@ -204,10 +211,10 @@ static unsigned long __peek_user(struct task_struct *child, addr_t addr)
 
         } else if (addr < (addr_t) (&dummy->regs.per_info + 1)) {
                 /*
-                 * per_info is found in the thread structure
+                 * Handle access to the per_info structure.
                  */
-                offset = addr - (addr_t) &dummy->regs.per_info;
-                tmp = *(addr_t *)((addr_t) &child->thread.per_info + offset);
+                addr -= (addr_t) &dummy->regs.per_info;
+                tmp = __peek_user_per(child, addr);
 
         } else
                 tmp = 0;
@@ -237,6 +244,35 @@ peek_user(struct task_struct *child, addr_t addr, addr_t data)
         return put_user(tmp, (addr_t __user *) data);
 }
 
+static inline void __poke_user_per(struct task_struct *child,
+                                   addr_t addr, addr_t data)
+{
+        struct per_struct_kernel *dummy = NULL;
+
+        /*
+         * There are only three fields in the per_info struct that the
+         * debugger user can write to.
+         * 1) cr9: the debugger wants to set a new PER event mask
+         * 2) starting_addr: the debugger wants to set a new starting
+         *    address to use with the PER event mask.
+         * 3) ending_addr: the debugger wants to set a new ending
+         *    address to use with the PER event mask.
+         * The user specified PER event mask and the start and end
+         * addresses are used only if single stepping is not in effect.
+         * Writes to any other field in per_info are ignored.
+         */
+        if (addr == (addr_t) &dummy->cr9)
+                /* PER event mask of the user specified per set. */
+                child->thread.per_user.control =
+                        data & (PER_EVENT_MASK | PER_CONTROL_MASK);
+        else if (addr == (addr_t) &dummy->starting_addr)
+                /* Starting address of the user specified per set. */
+                child->thread.per_user.start = data;
+        else if (addr == (addr_t) &dummy->ending_addr)
+                /* Ending address of the user specified per set. */
+                child->thread.per_user.end = data;
+}
+
 /*
  * Write a word to the user area of a process at location addr. This
  * operation does have an additional problem compared to peek_user.
@@ -311,19 +347,17 @@ static int __poke_user(struct task_struct *child, addr_t addr, addr_t data)
 
         } else if (addr < (addr_t) (&dummy->regs.per_info + 1)) {
                 /*
-                 * per_info is found in the thread structure 
+                 * Handle access to the per_info structure.
                  */
-                offset = addr - (addr_t) &dummy->regs.per_info;
-                *(addr_t *)((addr_t) &child->thread.per_info + offset) = data;
+                addr -= (addr_t) &dummy->regs.per_info;
+                __poke_user_per(child, addr, data);
 
         }
 
-        FixPerRegisters(child);
         return 0;
 }
 
-static int
-poke_user(struct task_struct *child, addr_t addr, addr_t data)
+static int poke_user(struct task_struct *child, addr_t addr, addr_t data)
 {
         addr_t mask;
 
@@ -343,7 +377,8 @@ poke_user(struct task_struct *child, addr_t addr, addr_t data)
         return __poke_user(child, addr, data);
 }
 
-long arch_ptrace(struct task_struct *child, long request, long addr, long data)
+long arch_ptrace(struct task_struct *child, long request,
+                 unsigned long addr, unsigned long data)
 {
         ptrace_area parea; 
         int copied, ret;
@@ -409,12 +444,53 @@ long arch_ptrace(struct task_struct *child, long request, long addr, long data)
  */
 
 /*
+ * Same as peek_user_per but for a 31 bit program.
+ */
+static inline __u32 __peek_user_per_compat(struct task_struct *child,
+                                           addr_t addr)
+{
+        struct compat_per_struct_kernel *dummy32 = NULL;
+
+        if (addr == (addr_t) &dummy32->cr9)
+                /* Control bits of the active per set. */
+                return (__u32) test_thread_flag(TIF_SINGLE_STEP) ?
+                        PER_EVENT_IFETCH : child->thread.per_user.control;
+        else if (addr == (addr_t) &dummy32->cr10)
+                /* Start address of the active per set. */
+                return (__u32) test_thread_flag(TIF_SINGLE_STEP) ?
+                        0 : child->thread.per_user.start;
+        else if (addr == (addr_t) &dummy32->cr11)
+                /* End address of the active per set. */
+                return test_thread_flag(TIF_SINGLE_STEP) ?
+                        PSW32_ADDR_INSN : child->thread.per_user.end;
+        else if (addr == (addr_t) &dummy32->bits)
+                /* Single-step bit. */
+                return (__u32) test_thread_flag(TIF_SINGLE_STEP) ?
+                        0x80000000 : 0;
+        else if (addr == (addr_t) &dummy32->starting_addr)
+                /* Start address of the user specified per set. */
+                return (__u32) child->thread.per_user.start;
+        else if (addr == (addr_t) &dummy32->ending_addr)
+                /* End address of the user specified per set. */
+                return (__u32) child->thread.per_user.end;
+        else if (addr == (addr_t) &dummy32->perc_atmid)
+                /* PER code, ATMID and AI of the last PER trap */
+                return (__u32) child->thread.per_event.cause << 16;
+        else if (addr == (addr_t) &dummy32->address)
+                /* Address of the last PER trap */
+                return (__u32) child->thread.per_event.address;
+        else if (addr == (addr_t) &dummy32->access_id)
+                /* Access id of the last PER trap */
+                return (__u32) child->thread.per_event.paid << 24;
+        return 0;
+}
+
+/*
  * Same as peek_user but for a 31 bit program.
  */
 static u32 __peek_user_compat(struct task_struct *child, addr_t addr)
 {
-        struct user32 *dummy32 = NULL;
-        per_struct32 *dummy_per32 = NULL;
+        struct compat_user *dummy32 = NULL;
         addr_t offset;
         __u32 tmp;
 
@@ -464,19 +540,10 @@ static u32 __peek_user_compat(struct task_struct *child, addr_t addr)
 
         } else if (addr < (addr_t) (&dummy32->regs.per_info + 1)) {
                 /*
-                 * per_info is found in the thread structure
+                 * Handle access to the per_info structure.
                  */
-                offset = addr - (addr_t) &dummy32->regs.per_info;
-                /* This is magic. See per_struct and per_struct32. */
-                if ((offset >= (addr_t) &dummy_per32->control_regs &&
-                     offset < (addr_t) (&dummy_per32->control_regs + 1)) ||
-                    (offset >= (addr_t) &dummy_per32->starting_addr &&
-                     offset <= (addr_t) &dummy_per32->ending_addr) ||
-                    offset == (addr_t) &dummy_per32->lowcore.words.address)
-                        offset = offset*2 + 4;
-                else
-                        offset = offset*2;
-                tmp = *(__u32 *)((addr_t) &child->thread.per_info + offset);
+                addr -= (addr_t) &dummy32->regs.per_info;
+                tmp = __peek_user_per_compat(child, addr);
 
         } else
                 tmp = 0;
@@ -497,13 +564,32 @@ static int peek_user_compat(struct task_struct *child,
 }
 
 /*
+ * Same as poke_user_per but for a 31 bit program.
+ */
+static inline void __poke_user_per_compat(struct task_struct *child,
+                                          addr_t addr, __u32 data)
+{
+        struct compat_per_struct_kernel *dummy32 = NULL;
+
+        if (addr == (addr_t) &dummy32->cr9)
+                /* PER event mask of the user specified per set. */
+                child->thread.per_user.control =
+                        data & (PER_EVENT_MASK | PER_CONTROL_MASK);
+        else if (addr == (addr_t) &dummy32->starting_addr)
+                /* Starting address of the user specified per set. */
+                child->thread.per_user.start = data;
+        else if (addr == (addr_t) &dummy32->ending_addr)
+                /* Ending address of the user specified per set. */
+                child->thread.per_user.end = data;
+}
+
+/*
  * Same as poke_user but for a 31 bit program.
  */
 static int __poke_user_compat(struct task_struct *child,
                               addr_t addr, addr_t data)
 {
-        struct user32 *dummy32 = NULL;
-        per_struct32 *dummy_per32 = NULL;
+        struct compat_user *dummy32 = NULL;
         __u32 tmp = (__u32) data;
         addr_t offset;
 
@@ -560,37 +646,20 @@ static int __poke_user_compat(struct task_struct *child,
 
         } else if (addr < (addr_t) (&dummy32->regs.per_info + 1)) {
                 /*
-                 * per_info is found in the thread structure.
-                 */
-                offset = addr - (addr_t) &dummy32->regs.per_info;
-                /*
-                 * This is magic. See per_struct and per_struct32.
-                 * By incident the offsets in per_struct are exactly
-                 * twice the offsets in per_struct32 for all fields.
-                 * The 8 byte fields need special handling though,
-                 * because the second half (bytes 4-7) is needed and
-                 * not the first half.
+                 * Handle access to the per_info structure.
                  */
-                if ((offset >= (addr_t) &dummy_per32->control_regs &&
-                     offset < (addr_t) (&dummy_per32->control_regs + 1)) ||
-                    (offset >= (addr_t) &dummy_per32->starting_addr &&
-                     offset <= (addr_t) &dummy_per32->ending_addr) ||
-                    offset == (addr_t) &dummy_per32->lowcore.words.address)
-                        offset = offset*2 + 4;
-                else
-                        offset = offset*2;
-                *(__u32 *)((addr_t) &child->thread.per_info + offset) = tmp;
-
+                addr -= (addr_t) &dummy32->regs.per_info;
+                __poke_user_per_compat(child, addr, data);
         }
 
-        FixPerRegisters(child);
         return 0;
 }
 
 static int poke_user_compat(struct task_struct *child,
                             addr_t addr, addr_t data)
 {
-        if (!is_compat_task() || (addr & 3) || addr > sizeof(struct user32) - 3)
+        if (!is_compat_task() || (addr & 3) ||
+            addr > sizeof(struct compat_user) - 3)
                 return -EIO;
 
         return __poke_user_compat(child, addr, data);
@@ -601,7 +670,7 @@ long compat_arch_ptrace(struct task_struct *child, compat_long_t request,
 {
         unsigned long addr = caddr;
         unsigned long data = cdata;
-        ptrace_area_emu31 parea; 
+        compat_ptrace_area parea;
         int copied, ret;
 
         switch (request) {
diff --git a/arch/s390/kernel/reipl64.S b/arch/s390/kernel/reipl64.S
index 5e73dee63baa..9eabbc90795d 100644
--- a/arch/s390/kernel/reipl64.S
+++ b/arch/s390/kernel/reipl64.S
@@ -78,7 +78,7 @@ do_reipl_asm:	basr	%r13,0
  * in the ESA psw.
  * Bit 31 of the addresses has to be 0 for the
  * 31bit lpswe instruction a fact they appear to have
- * ommited from the pop.
+ * omitted from the pop.
  */
 .Lnewpsw:       .quad   0x0000000080000000
                 .quad   .Lpg1
diff --git a/arch/s390/kernel/s390_ext.c b/arch/s390/kernel/s390_ext.c
deleted file mode 100644
index 9ce641b5291f..000000000000
--- a/arch/s390/kernel/s390_ext.c
+++ /dev/null
@@ -1,142 +0,0 @@
-/*
- *  arch/s390/kernel/s390_ext.c
- *
- *  S390 version
- *    Copyright (C) 1999,2000 IBM Deutschland Entwicklung GmbH, IBM Corporation
- *    Author(s): Holger Smolinski (Holger.Smolinski@de.ibm.com),
- *               Martin Schwidefsky (schwidefsky@de.ibm.com)
- */
-
-#include <linux/module.h>
-#include <linux/kernel.h>
-#include <linux/slab.h>
-#include <linux/ftrace.h>
-#include <linux/errno.h>
-#include <linux/kernel_stat.h>
-#include <linux/interrupt.h>
-#include <asm/cputime.h>
-#include <asm/lowcore.h>
-#include <asm/s390_ext.h>
-#include <asm/irq_regs.h>
-#include <asm/irq.h>
-#include "entry.h"
-
-/*
- * ext_int_hash[index] is the start of the list for all external interrupts
- * that hash to this index. With the current set of external interrupts 
- * (0x1202 external call, 0x1004 cpu timer, 0x2401 hwc console, 0x4000
- * iucv and 0x2603 pfault) this is always the first element. 
- */
-ext_int_info_t *ext_int_hash[256] = { NULL, };
-
-static inline int ext_hash(__u16 code)
-{
-        return (code + (code >> 9)) & 0xff;
-}
-
-int register_external_interrupt(__u16 code, ext_int_handler_t handler)
-{
-        ext_int_info_t *p;
-        int index;
-
-        p = kmalloc(sizeof(ext_int_info_t), GFP_ATOMIC);
-        if (p == NULL)
-                return -ENOMEM;
-        p->code = code;
-        p->handler = handler;
-        index = ext_hash(code);
-        p->next = ext_int_hash[index];
-        ext_int_hash[index] = p;
-        return 0;
-}
-
-int register_early_external_interrupt(__u16 code, ext_int_handler_t handler,
-                                      ext_int_info_t *p)
-{
-        int index;
-
-        if (p == NULL)
-                return -EINVAL;
-        p->code = code;
-        p->handler = handler;
-        index = ext_hash(code);
-        p->next = ext_int_hash[index];
-        ext_int_hash[index] = p;
-        return 0;
-}
-
-int unregister_external_interrupt(__u16 code, ext_int_handler_t handler)
-{
-        ext_int_info_t *p, *q;
-        int index;
-
-        index = ext_hash(code);
-        q = NULL;
-        p = ext_int_hash[index];
-        while (p != NULL) {
-                if (p->code == code && p->handler == handler)
-                        break;
-                q = p;
-                p = p->next;
-        }
-        if (p == NULL)
-                return -ENOENT;
-        if (q != NULL)
-                q->next = p->next;
-        else
-                ext_int_hash[index] = p->next;
-        kfree(p);
-        return 0;
-}
-
-int unregister_early_external_interrupt(__u16 code, ext_int_handler_t handler,
-                                        ext_int_info_t *p)
-{
-        ext_int_info_t *q;
-        int index;
-
-        if (p == NULL || p->code != code || p->handler != handler)
-                return -EINVAL;
-        index = ext_hash(code);
-        q = ext_int_hash[index];
-        if (p != q) {
-                while (q != NULL) {
-                        if (q->next == p)
-                                break;
-                        q = q->next;
-                }
-                if (q == NULL)
-                        return -ENOENT;
-                q->next = p->next;
-        } else
-                ext_int_hash[index] = p->next;
-        return 0;
-}
-
-void __irq_entry do_extint(struct pt_regs *regs, unsigned short code)
-{
-        ext_int_info_t *p;
-        int index;
-        struct pt_regs *old_regs;
-
-        old_regs = set_irq_regs(regs);
-        s390_idle_check(regs, S390_lowcore.int_clock,
-                        S390_lowcore.async_enter_timer);
-        irq_enter();
-        if (S390_lowcore.int_clock >= S390_lowcore.clock_comparator)
-                /* Serve timer interrupts first. */
-                clock_comparator_work();
-        kstat_cpu(smp_processor_id()).irqs[EXTERNAL_INTERRUPT]++;
-        if (code != 0x1004)
-                __get_cpu_var(s390_idle).nohz_delay = 1;
-        index = ext_hash(code);
-        for (p = ext_int_hash[index]; p; p = p->next) {
-                if (likely(p->code == code))
-                        p->handler(code);
-        }
-        irq_exit();
-        set_irq_regs(old_regs);
-}
-
-EXPORT_SYMBOL(register_external_interrupt);
-EXPORT_SYMBOL(unregister_external_interrupt);
diff --git a/arch/s390/kernel/setup.c b/arch/s390/kernel/setup.c
index c8e8e1354e1d..0c35dee10b00 100644
--- a/arch/s390/kernel/setup.c
+++ b/arch/s390/kernel/setup.c
@@ -102,16 +102,6 @@ EXPORT_SYMBOL(lowcore_ptr);
 
 #include <asm/setup.h>
 
-static struct resource code_resource = {
-        .name  = "Kernel code",
-        .flags = IORESOURCE_BUSY | IORESOURCE_MEM,
-};
-
-static struct resource data_resource = {
-        .name = "Kernel data",
-        .flags = IORESOURCE_BUSY | IORESOURCE_MEM,
-};
-
 /*
  * condev= and conmode= setup parameter.
  */
@@ -315,8 +305,7 @@ static int set_amode_and_uaccess(unsigned long user_amode,
  */
 static int __init early_parse_switch_amode(char *p)
 {
-        if (user_mode != SECONDARY_SPACE_MODE)
-                user_mode = PRIMARY_SPACE_MODE;
+        user_mode = PRIMARY_SPACE_MODE;
         return 0;
 }
 early_param("switch_amode", early_parse_switch_amode);
@@ -325,10 +314,6 @@ static int __init early_parse_user_mode(char *p)
 {
         if (p && strcmp(p, "primary") == 0)
                 user_mode = PRIMARY_SPACE_MODE;
-#ifdef CONFIG_S390_EXEC_PROTECT
-        else if (p && strcmp(p, "secondary") == 0)
-                user_mode = SECONDARY_SPACE_MODE;
-#endif
         else if (!p || strcmp(p, "home") == 0)
                 user_mode = HOME_SPACE_MODE;
         else
@@ -337,31 +322,9 @@ static int __init early_parse_user_mode(char *p)
 }
 early_param("user_mode", early_parse_user_mode);
 
-#ifdef CONFIG_S390_EXEC_PROTECT
-/*
- * Enable execute protection?
- */
-static int __init early_parse_noexec(char *p)
-{
-        if (!strncmp(p, "off", 3))
-                return 0;
-        user_mode = SECONDARY_SPACE_MODE;
-        return 0;
-}
-early_param("noexec", early_parse_noexec);
-#endif /* CONFIG_S390_EXEC_PROTECT */
-
 static void setup_addressing_mode(void)
 {
-        if (user_mode == SECONDARY_SPACE_MODE) {
-                if (set_amode_and_uaccess(PSW_ASC_SECONDARY,
-                                          PSW32_ASC_SECONDARY))
-                        pr_info("Execute protection active, "
-                                "mvcos available\n");
-                else
-                        pr_info("Execute protection active, "
-                                "mvcos not available\n");
-        } else if (user_mode == PRIMARY_SPACE_MODE) {
+        if (user_mode == PRIMARY_SPACE_MODE) {
                 if (set_amode_and_uaccess(PSW_ASC_PRIMARY, PSW32_ASC_PRIMARY))
                         pr_info("Address spaces switched, "
                                 "mvcos available\n");
@@ -409,6 +372,9 @@ setup_lowcore(void)
         lc->current_task = (unsigned long) init_thread_union.thread_info.task;
         lc->thread_info = (unsigned long) &init_thread_union;
         lc->machine_flags = S390_lowcore.machine_flags;
+        lc->stfl_fac_list = S390_lowcore.stfl_fac_list;
+        memcpy(lc->stfle_fac_list, S390_lowcore.stfle_fac_list,
+               MAX_FACILITY_BIT/8);
 #ifndef CONFIG_64BIT
         if (MACHINE_HAS_IEEE) {
                 lc->extended_save_area_addr = (__u32)
@@ -433,21 +399,43 @@ setup_lowcore(void)
         lowcore_ptr[0] = lc;
 }
 
-static void __init
-setup_resources(void)
+static struct resource code_resource = {
+        .name  = "Kernel code",
+        .flags = IORESOURCE_BUSY | IORESOURCE_MEM,
+};
+
+static struct resource data_resource = {
+        .name = "Kernel data",
+        .flags = IORESOURCE_BUSY | IORESOURCE_MEM,
+};
+
+static struct resource bss_resource = {
+        .name = "Kernel bss",
+        .flags = IORESOURCE_BUSY | IORESOURCE_MEM,
+};
+
+static struct resource __initdata *standard_resources[] = {
+        &code_resource,
+        &data_resource,
+        &bss_resource,
+};
+
+static void __init setup_resources(void)
 {
-        struct resource *res, *sub_res;
-        int i;
+        struct resource *res, *std_res, *sub_res;
+        int i, j;
 
         code_resource.start = (unsigned long) &_text;
         code_resource.end = (unsigned long) &_etext - 1;
         data_resource.start = (unsigned long) &_etext;
         data_resource.end = (unsigned long) &_edata - 1;
+        bss_resource.start = (unsigned long) &__bss_start;
+        bss_resource.end = (unsigned long) &__bss_stop - 1;
 
         for (i = 0; i < MEMORY_CHUNKS; i++) {
                 if (!memory_chunk[i].size)
                         continue;
-                res = alloc_bootmem_low(sizeof(struct resource));
+                res = alloc_bootmem_low(sizeof(*res));
                 res->flags = IORESOURCE_BUSY | IORESOURCE_MEM;
                 switch (memory_chunk[i].type) {
                 case CHUNK_READ_WRITE:
@@ -461,40 +449,24 @@ setup_resources(void)
                         res->name = "reserved";
                 }
                 res->start = memory_chunk[i].addr;
-                res->end = memory_chunk[i].addr +  memory_chunk[i].size - 1;
+                res->end = res->start + memory_chunk[i].size - 1;
                 request_resource(&iomem_resource, res);
 
-                if (code_resource.start >= res->start  &&
-                        code_resource.start <= res->end &&
-                        code_resource.end > res->end) {
-                        sub_res = alloc_bootmem_low(sizeof(struct resource));
-                        memcpy(sub_res, &code_resource,
-                                sizeof(struct resource));
-                        sub_res->end = res->end;
-                        code_resource.start = res->end + 1;
-                        request_resource(res, sub_res);
-                }
-
-                if (code_resource.start >= res->start &&
-                        code_resource.start <= res->end &&
-                        code_resource.end <= res->end)
-                        request_resource(res, &code_resource);
-
-                if (data_resource.start >= res->start &&
-                        data_resource.start <= res->end &&
-                        data_resource.end > res->end) {
-                        sub_res = alloc_bootmem_low(sizeof(struct resource));
-                        memcpy(sub_res, &data_resource,
-                                sizeof(struct resource));
-                        sub_res->end = res->end;
-                        data_resource.start = res->end + 1;
-                        request_resource(res, sub_res);
+                for (j = 0; j < ARRAY_SIZE(standard_resources); j++) {
+                        std_res = standard_resources[j];
+                        if (std_res->start < res->start ||
+                            std_res->start > res->end)
+                                continue;
+                        if (std_res->end > res->end) {
+                                sub_res = alloc_bootmem_low(sizeof(*sub_res));
+                                *sub_res = *std_res;
+                                sub_res->end = res->end;
+                                std_res->start = res->end + 1;
+                                request_resource(res, sub_res);
+                        } else {
+                                request_resource(res, std_res);
+                        }
                 }
-
-                if (data_resource.start >= res->start &&
-                        data_resource.start <= res->end &&
-                        data_resource.end <= res->end)
-                        request_resource(res, &data_resource);
         }
 }
 
@@ -627,7 +599,8 @@ setup_memory(void)
                 add_active_range(0, start_chunk, end_chunk);
                 pfn = max(start_chunk, start_pfn);
                 for (; pfn < end_chunk; pfn++)
-                        page_set_storage_key(PFN_PHYS(pfn), PAGE_DEFAULT_KEY);
+                        page_set_storage_key(PFN_PHYS(pfn),
+                                             PAGE_DEFAULT_KEY, 0);
         }
 
         psw_set_key(PAGE_DEFAULT_KEY);
@@ -674,12 +647,9 @@ setup_memory(void)
 static void __init setup_hwcaps(void)
 {
         static const int stfl_bits[6] = { 0, 2, 7, 17, 19, 21 };
-        unsigned long long facility_list_extended;
-        unsigned int facility_list;
         struct cpuid cpu_id;
         int i;
 
-        facility_list = stfl();
         /*
          * The store facility list bits numbers as found in the principles
          * of operation are numbered with bit 1UL<<31 as number 0 to
@@ -699,11 +669,10 @@ static void __init setup_hwcaps(void)
          *   HWCAP_S390_ETF3EH bit 8 (22 && 30).
          */
         for (i = 0; i < 6; i++)
-                if (facility_list & (1UL << (31 - stfl_bits[i])))
+                if (test_facility(stfl_bits[i]))
                         elf_hwcap |= 1UL << i;
 
-        if ((facility_list & (1UL << (31 - 22)))
-            && (facility_list & (1UL << (31 - 30))))
+        if (test_facility(22) && test_facility(30))
                 elf_hwcap |= HWCAP_S390_ETF3EH;
 
         /*
@@ -712,19 +681,15 @@ static void __init setup_hwcaps(void)
          * and 1ULL<<0 as bit 63. Bits 0-31 contain the same information
          * as stored by stfl, bits 32-xxx contain additional facilities.
          * How many facility words are stored depends on the number of
-         * doublewords passed to the instruction. The additional facilites
+         * doublewords passed to the instruction. The additional facilities
          * are:
          *   Bit 42: decimal floating point facility is installed
          *   Bit 44: perform floating point operation facility is installed
          * translated to:
          *   HWCAP_S390_DFP bit 6 (42 && 44).
          */
-        if ((elf_hwcap & (1UL << 2)) &&
-            __stfle(&facility_list_extended, 1) > 0) {
-                if ((facility_list_extended & (1ULL << (63 - 42)))
-                    && (facility_list_extended & (1ULL << (63 - 44))))
-                        elf_hwcap |= HWCAP_S390_DFP;
-        }
+        if ((elf_hwcap & (1UL << 2)) && test_facility(42) && test_facility(44))
+                elf_hwcap |= HWCAP_S390_DFP;
 
         /*
          * Huge page support HWCAP_S390_HPAGE is bit 7.
@@ -765,6 +730,9 @@ static void __init setup_hwcaps(void)
         case 0x2098:
                 strcpy(elf_platform, "z10");
                 break;
+        case 0x2817:
+                strcpy(elf_platform, "z196");
+                break;
         }
 }
 
diff --git a/arch/s390/kernel/signal.c b/arch/s390/kernel/signal.c
index ee7ac8b11782..abbb3c3c7aab 100644
--- a/arch/s390/kernel/signal.c
+++ b/arch/s390/kernel/signal.c
@@ -505,7 +505,7 @@ void do_signal(struct pt_regs *regs)
                          * Let tracing know that we've done the handler setup.
                          */
                         tracehook_signal_handler(signr, &info, &ka, regs,
-                                        current->thread.per_info.single_step);
+                                        test_thread_flag(TIF_SINGLE_STEP));
                 }
                 return;
         }
diff --git a/arch/s390/kernel/smp.c b/arch/s390/kernel/smp.c
index 8127ebd59c4d..1d55c95f617c 100644
--- a/arch/s390/kernel/smp.c
+++ b/arch/s390/kernel/smp.c
@@ -23,6 +23,7 @@
 #define KMSG_COMPONENT "cpu"
 #define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
 
+#include <linux/workqueue.h>
 #include <linux/module.h>
 #include <linux/init.h>
 #include <linux/mm.h>
@@ -43,7 +44,6 @@
 #include <asm/sigp.h>
 #include <asm/pgalloc.h>
 #include <asm/irq.h>
-#include <asm/s390_ext.h>
 #include <asm/cpcmd.h>
 #include <asm/tlbflush.h>
 #include <asm/timer.h>
@@ -156,18 +156,20 @@ void smp_send_stop(void)
  * cpus are handled.
  */
 
-static void do_ext_call_interrupt(__u16 code)
+static void do_ext_call_interrupt(unsigned int ext_int_code,
+                                  unsigned int param32, unsigned long param64)
 {
         unsigned long bits;
 
+        kstat_cpu(smp_processor_id()).irqs[EXTINT_IPI]++;
         /*
          * handle bit signal external calls
-         *
-         * For the ec_schedule signal we have to do nothing. All the work
-         * is done automatically when we return from the interrupt.
          */
         bits = xchg(&S390_lowcore.ext_call_fast, 0);
 
+        if (test_bit(ec_schedule, &bits))
+                scheduler_ipi();
+
         if (test_bit(ec_call_function, &bits))
                 generic_smp_call_function_interrupt();
 
@@ -260,7 +262,7 @@ void smp_ctl_set_bit(int cr, int bit)
 
         memset(&parms.orvals, 0, sizeof(parms.orvals));
         memset(&parms.andvals, 0xff, sizeof(parms.andvals));
-        parms.orvals[cr] = 1 << bit;
+        parms.orvals[cr] = 1UL << bit;
         on_each_cpu(smp_ctl_bit_callback, &parms, 1);
 }
 EXPORT_SYMBOL(smp_ctl_set_bit);
@@ -274,7 +276,7 @@ void smp_ctl_clear_bit(int cr, int bit)
 
         memset(&parms.orvals, 0, sizeof(parms.orvals));
         memset(&parms.andvals, 0xff, sizeof(parms.andvals));
-        parms.andvals[cr] = ~(1L << bit);
+        parms.andvals[cr] = ~(1UL << bit);
         on_each_cpu(smp_ctl_bit_callback, &parms, 1);
 }
 EXPORT_SYMBOL(smp_ctl_clear_bit);
@@ -332,7 +334,7 @@ static int smp_rescan_cpus_sigp(cpumask_t avail)
                 smp_cpu_polarization[logical_cpu] = POLARIZATION_UNKNWN;
                 if (!cpu_stopped(logical_cpu))
                         continue;
-                cpu_set(logical_cpu, cpu_present_map);
+                set_cpu_present(logical_cpu, true);
                 smp_cpu_state[logical_cpu] = CPU_STATE_CONFIGURED;
                 logical_cpu = cpumask_next(logical_cpu, &avail);
                 if (logical_cpu >= nr_cpu_ids)
@@ -364,7 +366,7 @@ static int smp_rescan_cpus_sclp(cpumask_t avail)
                         continue;
                 __cpu_logical_map[logical_cpu] = cpu_id;
                 smp_cpu_polarization[logical_cpu] = POLARIZATION_UNKNWN;
-                cpu_set(logical_cpu, cpu_present_map);
+                set_cpu_present(logical_cpu, true);
                 if (cpu >= info->configured)
                         smp_cpu_state[logical_cpu] = CPU_STATE_STANDBY;
                 else
@@ -382,7 +384,7 @@ static int __smp_rescan_cpus(void)
 {
         cpumask_t avail;
 
-        cpus_xor(avail, cpu_possible_map, cpu_present_map);
+        cpumask_xor(&avail, cpu_possible_mask, cpu_present_mask);
         if (smp_use_sigp_detection)
                 return smp_rescan_cpus_sigp(avail);
         else
@@ -464,29 +466,29 @@ int __cpuinit start_secondary(void *cpuvoid)
         notify_cpu_starting(smp_processor_id());
         /* Mark this cpu as online */
         ipi_call_lock();
-        cpu_set(smp_processor_id(), cpu_online_map);
+        set_cpu_online(smp_processor_id(), true);
         ipi_call_unlock();
         /* Switch on interrupts */
         local_irq_enable();
-        /* Print info about this processor */
-        print_cpu_info();
         /* cpu_idle will call schedule for us */
         cpu_idle();
         return 0;
 }
 
-static void __init smp_create_idle(unsigned int cpu)
+struct create_idle {
+        struct work_struct work;
+        struct task_struct *idle;
+        struct completion done;
+        int cpu;
+};
+
+static void __cpuinit smp_fork_idle(struct work_struct *work)
 {
-        struct task_struct *p;
+        struct create_idle *c_idle;
 
-        /*
-         *  don't care about the psw and regs settings since we'll never
-         *  reschedule the forked task.
-         */
-        p = fork_idle(cpu);
-        if (IS_ERR(p))
-                panic("failed fork for CPU %u: %li", cpu, PTR_ERR(p));
-        current_set[cpu] = p;
+        c_idle = container_of(work, struct create_idle, work);
+        c_idle->idle = fork_idle(c_idle->cpu);
+        complete(&c_idle->done);
 }
 
 static int __cpuinit smp_alloc_lowcore(int cpu)
@@ -550,6 +552,7 @@ static void smp_free_lowcore(int cpu)
 int __cpuinit __cpu_up(unsigned int cpu)
 {
         struct _lowcore *cpu_lowcore;
+        struct create_idle c_idle;
         struct task_struct *idle;
         struct stack_frame *sf;
         u32 lowcore;
@@ -557,6 +560,19 @@ int __cpuinit __cpu_up(unsigned int cpu)
 
         if (smp_cpu_state[cpu] != CPU_STATE_CONFIGURED)
                 return -EIO;
+        idle = current_set[cpu];
+        if (!idle) {
+                c_idle.done = COMPLETION_INITIALIZER_ONSTACK(c_idle.done);
+                INIT_WORK_ONSTACK(&c_idle.work, smp_fork_idle);
+                c_idle.cpu = cpu;
+                schedule_work(&c_idle.work);
+                wait_for_completion(&c_idle.done);
+                if (IS_ERR(c_idle.idle))
+                        return PTR_ERR(c_idle.idle);
+                idle = c_idle.idle;
+                current_set[cpu] = c_idle.idle;
+        }
+        init_idle(idle, cpu);
         if (smp_alloc_lowcore(cpu))
                 return -ENOMEM;
         do {
@@ -571,7 +587,6 @@ int __cpuinit __cpu_up(unsigned int cpu)
         while (sigp_p(lowcore, cpu, sigp_set_prefix) == sigp_busy)
                 udelay(10);
 
-        idle = current_set[cpu];
         cpu_lowcore = lowcore_ptr[cpu];
         cpu_lowcore->kernel_stack = (unsigned long)
                 task_stack_page(idle) + THREAD_SIZE;
@@ -593,6 +608,8 @@ int __cpuinit __cpu_up(unsigned int cpu)
         cpu_lowcore->kernel_asce = S390_lowcore.kernel_asce;
         cpu_lowcore->machine_flags = S390_lowcore.machine_flags;
         cpu_lowcore->ftrace_func = S390_lowcore.ftrace_func;
+        memcpy(cpu_lowcore->stfle_fac_list, S390_lowcore.stfle_fac_list,
+               MAX_FACILITY_BIT/8);
         eieio();
 
         while (sigp(cpu, sigp_restart) == sigp_busy)
@@ -626,7 +643,7 @@ int __cpu_disable(void)
         struct ec_creg_mask_parms cr_parms;
         int cpu = smp_processor_id();
 
-        cpu_clear(cpu, cpu_online_map);
+        set_cpu_online(cpu, false);
 
         /* Disable pfault pseudo page faults on this cpu. */
         pfault_fini();
@@ -636,8 +653,8 @@ int __cpu_disable(void)
 
         /* disable all external interrupts */
         cr_parms.orvals[0] = 0;
-        cr_parms.andvals[0] = ~(1 << 15 | 1 << 14 | 1 << 13 | 1 << 12 |
-                                1 << 11 | 1 << 10 | 1 <<  6 | 1 <<  4);
+        cr_parms.andvals[0] = ~(1 << 15 | 1 << 14 | 1 << 13 | 1 << 11 |
+                                1 << 10 | 1 <<  9 | 1 <<  6 | 1 <<  4);
         /* disable all I/O interrupts */
         cr_parms.orvals[6] = 0;
         cr_parms.andvals[6] = ~(1 << 31 | 1 << 30 | 1 << 29 | 1 << 28 |
@@ -661,10 +678,9 @@ void __cpu_die(unsigned int cpu)
                 udelay(10);
         smp_free_lowcore(cpu);
         atomic_dec(&init_mm.context.attach_count);
-        pr_info("Processor %d stopped\n", cpu);
 }
 
-void cpu_die(void)
+void __noreturn cpu_die(void)
 {
         idle_task_exit();
         while (sigp(smp_processor_id(), sigp_stop) == sigp_busy)
@@ -681,14 +697,12 @@ void __init smp_prepare_cpus(unsigned int max_cpus)
 #endif
         unsigned long async_stack, panic_stack;
         struct _lowcore *lowcore;
-        unsigned int cpu;
 
         smp_detect_cpus();
 
         /* request the 0x1201 emergency signal external interrupt */
         if (register_external_interrupt(0x1201, do_ext_call_interrupt) != 0)
                 panic("Couldn't request external interrupt 0x1201");
-        print_cpu_info();
 
         /* Reallocate current lowcore, but keep its contents. */
         lowcore = (void *) __get_free_pages(GFP_KERNEL | GFP_DMA, LC_ORDER);
@@ -716,9 +730,6 @@ void __init smp_prepare_cpus(unsigned int max_cpus)
         if (vdso_alloc_per_cpu(smp_processor_id(), &S390_lowcore))
                 BUG();
 #endif
-        for_each_possible_cpu(cpu)
-                if (cpu != smp_processor_id())
-                        smp_create_idle(cpu);
 }
 
 void __init smp_prepare_boot_cpu(void)
@@ -726,8 +737,8 @@ void __init smp_prepare_boot_cpu(void)
         BUG_ON(smp_processor_id() != 0);
 
         current_thread_info()->cpu = 0;
-        cpu_set(0, cpu_present_map);
-        cpu_set(0, cpu_online_map);
+        set_cpu_present(0, true);
+        set_cpu_online(0, true);
         S390_lowcore.percpu_offset = __per_cpu_offset[0];
         current_set[0] = current;
         smp_cpu_state[0] = CPU_STATE_CONFIGURED;
@@ -1004,21 +1015,21 @@ int __ref smp_rescan_cpus(void)
 
         get_online_cpus();
         mutex_lock(&smp_cpu_state_mutex);
-        newcpus = cpu_present_map;
+        cpumask_copy(&newcpus, cpu_present_mask);
         rc = __smp_rescan_cpus();
         if (rc)
                 goto out;
-        cpus_andnot(newcpus, cpu_present_map, newcpus);
-        for_each_cpu_mask(cpu, newcpus) {
+        cpumask_andnot(&newcpus, cpu_present_mask, &newcpus);
+        for_each_cpu(cpu, &newcpus) {
                 rc = smp_add_present_cpu(cpu);
                 if (rc)
-                        cpu_clear(cpu, cpu_present_map);
+                        set_cpu_present(cpu, false);
         }
         rc = 0;
 out:
         mutex_unlock(&smp_cpu_state_mutex);
         put_online_cpus();
-        if (!cpus_empty(newcpus))
+        if (!cpumask_empty(&newcpus))
                 topology_schedule_update();
         return rc;
 }
diff --git a/arch/s390/kernel/switch_cpu.S b/arch/s390/kernel/switch_cpu.S
index 469f11b574fa..20530dd2eab1 100644
--- a/arch/s390/kernel/switch_cpu.S
+++ b/arch/s390/kernel/switch_cpu.S
@@ -46,7 +46,9 @@ smp_restart_cpu:
         ltr     %r4,%r4                 /* New stack ? */
         jz      1f
         lr      %r15,%r4
-1:      basr    %r14,%r2
+1:      lr      %r14,%r2                /* r14: Function to call */
+        lr      %r2,%r3                 /* r2 : Parameter for function*/
+        basr    %r14,%r14               /* Call function */
 
 .gprregs_addr:
         .long   .gprregs
diff --git a/arch/s390/kernel/switch_cpu64.S b/arch/s390/kernel/switch_cpu64.S
index d94aacc898cb..5be3f43898f9 100644
--- a/arch/s390/kernel/switch_cpu64.S
+++ b/arch/s390/kernel/switch_cpu64.S
@@ -42,7 +42,9 @@ smp_restart_cpu:
         ltgr    %r4,%r4                 /* New stack ? */
         jz      1f
         lgr     %r15,%r4
-1:      basr    %r14,%r2
+1:      lgr     %r14,%r2                /* r14: Function to call */
+        lgr     %r2,%r3                 /* r2 : Parameter for function*/
+        basr    %r14,%r14               /* Call function */
 
         .section .data,"aw",@progbits
 .gprregs:
diff --git a/arch/s390/kernel/syscalls.S b/arch/s390/kernel/syscalls.S
index a8fee1b14395..6ee39ef8fe4a 100644
--- a/arch/s390/kernel/syscalls.S
+++ b/arch/s390/kernel/syscalls.S
@@ -343,3 +343,8 @@ SYSCALL(sys_perf_event_open,sys_perf_event_open,sys_perf_event_open_wrapper)
 SYSCALL(sys_fanotify_init,sys_fanotify_init,sys_fanotify_init_wrapper)
 SYSCALL(sys_fanotify_mark,sys_fanotify_mark,sys_fanotify_mark_wrapper)
 SYSCALL(sys_prlimit64,sys_prlimit64,sys_prlimit64_wrapper)
+SYSCALL(sys_name_to_handle_at,sys_name_to_handle_at,sys_name_to_handle_at_wrapper) /* 335 */
+SYSCALL(sys_open_by_handle_at,sys_open_by_handle_at,compat_sys_open_by_handle_at_wrapper)
+SYSCALL(sys_clock_adjtime,sys_clock_adjtime,compat_sys_clock_adjtime_wrapper)
+SYSCALL(sys_syncfs,sys_syncfs,sys_syncfs_wrapper)
+SYSCALL(sys_setns,sys_setns,sys_setns_wrapper)
diff --git a/arch/s390/kernel/sysinfo.c b/arch/s390/kernel/sysinfo.c
index a0ffc7717ed6..5c9e439bf3f6 100644
--- a/arch/s390/kernel/sysinfo.c
+++ b/arch/s390/kernel/sysinfo.c
@@ -15,6 +15,7 @@
 #include <asm/ebcdic.h>
 #include <asm/sysinfo.h>
 #include <asm/cpcmd.h>
+#include <asm/topology.h>
 
 /* Sigh, math-emu. Don't ask. */
 #include <asm/sfp-util.h>
@@ -74,6 +75,44 @@ static int stsi_1_1_1(struct sysinfo_1_1_1 *info, char *page, int len)
                                "Model Temp. Capacity: %-16.16s %08u\n",
                                info->model_temp_cap,
                                *(u32 *) info->model_temp_cap_rating);
+        if (info->cai) {
+                len += sprintf(page + len,
+                               "Capacity Adj. Ind.:   %d\n",
+                               info->cai);
+                len += sprintf(page + len, "Capacity Ch. Reason:  %d\n",
+                               info->ccr);
+        }
+        return len;
+}
+
+static int stsi_15_1_x(struct sysinfo_15_1_x *info, char *page, int len)
+{
+        static int max_mnest;
+        int i, rc;
+
+        len += sprintf(page + len, "\n");
+        if (!MACHINE_HAS_TOPOLOGY)
+                return len;
+        if (max_mnest) {
+                stsi(info, 15, 1, max_mnest);
+        } else {
+                for (max_mnest = 6; max_mnest > 1; max_mnest--) {
+                        rc = stsi(info, 15, 1, max_mnest);
+                        if (rc != -ENOSYS)
+                                break;
+                }
+        }
+        len += sprintf(page + len, "CPU Topology HW:     ");
+        for (i = 0; i < TOPOLOGY_NR_MAG; i++)
+                len += sprintf(page + len, " %d", info->mag[i]);
+        len += sprintf(page + len, "\n");
+#ifdef CONFIG_SCHED_MC
+        store_topology(info);
+        len += sprintf(page + len, "CPU Topology SW:     ");
+        for (i = 0; i < TOPOLOGY_NR_MAG; i++)
+                len += sprintf(page + len, " %d", info->mag[i]);
+        len += sprintf(page + len, "\n");
+#endif
         return len;
 }
 
@@ -87,7 +126,6 @@ static int stsi_1_2_2(struct sysinfo_1_2_2 *info, char *page, int len)
         ext = (struct sysinfo_1_2_2_extension *)
                 ((unsigned long) info + info->acc_offset);
 
-        len += sprintf(page + len, "\n");
         len += sprintf(page + len, "CPUs Total:           %d\n",
                        info->cpus_total);
         len += sprintf(page + len, "CPUs Configured:      %d\n",
@@ -217,6 +255,9 @@ static int proc_read_sysinfo(char *page, char **start,
                 len = stsi_1_1_1((struct sysinfo_1_1_1 *) info, page, len);
 
         if (level >= 1)
+                len = stsi_15_1_x((struct sysinfo_15_1_x *) info, page, len);
+
+        if (level >= 1)
                 len = stsi_1_2_2((struct sysinfo_1_2_2 *) info, page, len);
 
         if (level >= 2)
diff --git a/arch/s390/kernel/time.c b/arch/s390/kernel/time.c
index 2896cac9c14a..dff933065ab6 100644
--- a/arch/s390/kernel/time.c
+++ b/arch/s390/kernel/time.c
@@ -15,6 +15,7 @@
 #define KMSG_COMPONENT "time"
 #define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
 
+#include <linux/kernel_stat.h>
 #include <linux/errno.h>
 #include <linux/module.h>
 #include <linux/sched.h>
@@ -37,9 +38,9 @@
 #include <linux/clocksource.h>
 #include <linux/clockchips.h>
 #include <linux/gfp.h>
+#include <linux/kprobes.h>
 #include <asm/uaccess.h>
 #include <asm/delay.h>
-#include <asm/s390_ext.h>
 #include <asm/div64.h>
 #include <asm/vdso.h>
 #include <asm/irq.h>
@@ -60,7 +61,7 @@ static DEFINE_PER_CPU(struct clock_event_device, comparators);
 /*
  * Scheduler clock - returns current time in nanosec units.
  */
-unsigned long long notrace sched_clock(void)
+unsigned long long notrace __kprobes sched_clock(void)
 {
         return (get_clock_monotonic() * 125) >> 9;
 }
@@ -155,8 +156,11 @@ void init_cpu_timer(void)
         __ctl_set_bit(0, 4);
 }
 
-static void clock_comparator_interrupt(__u16 code)
+static void clock_comparator_interrupt(unsigned int ext_int_code,
+                                       unsigned int param32,
+                                       unsigned long param64)
 {
+        kstat_cpu(smp_processor_id()).irqs[EXTINT_CLK]++;
         if (S390_lowcore.clock_comparator == -1ULL)
                 set_clock_comparator(S390_lowcore.clock_comparator);
 }
@@ -164,14 +168,14 @@ static void clock_comparator_interrupt(__u16 code)
 static void etr_timing_alert(struct etr_irq_parm *);
 static void stp_timing_alert(struct stp_irq_parm *);
 
-static void timing_alert_interrupt(__u16 code)
+static void timing_alert_interrupt(unsigned int ext_int_code,
+                                   unsigned int param32, unsigned long param64)
 {
-        if (S390_lowcore.ext_params & 0x00c40000)
-                etr_timing_alert((struct etr_irq_parm *)
-                                 &S390_lowcore.ext_params);
-        if (S390_lowcore.ext_params & 0x00038000)
-                stp_timing_alert((struct stp_irq_parm *)
-                                 &S390_lowcore.ext_params);
+        kstat_cpu(smp_processor_id()).irqs[EXTINT_TLA]++;
+        if (param32 & 0x00c40000)
+                etr_timing_alert((struct etr_irq_parm *) &param32);
+        if (param32 & 0x00038000)
+                stp_timing_alert((struct stp_irq_parm *) &param32);
 }
 
 static void etr_reset(void);
@@ -719,7 +723,7 @@ static void clock_sync_cpu(struct clock_sync_data *sync)
 }
 
 /*
- * Sync the TOD clock using the port refered to by aibp. This port
+ * Sync the TOD clock using the port referred to by aibp. This port
  * has to be enabled and the other port has to be disabled. The
  * last eacr update has to be more than 1.6 seconds in the past.
  */
@@ -805,7 +809,7 @@ static int etr_sync_clock_stop(struct etr_aib *aib, int port)
         etr_sync.etr_port = port;
         get_online_cpus();
         atomic_set(&etr_sync.cpus, num_online_cpus() - 1);
-        rc = stop_machine(etr_sync_clock, &etr_sync, &cpu_online_map);
+        rc = stop_machine(etr_sync_clock, &etr_sync, cpu_online_mask);
         put_online_cpus();
         return rc;
 }
@@ -1007,7 +1011,7 @@ static void etr_work_fn(struct work_struct *work)
                 eacr = etr_handle_update(&aib, eacr);
 
         /*
-         * Select ports to enable. The prefered synchronization mode is PPS.
+         * Select ports to enable. The preferred synchronization mode is PPS.
          * If a port can be enabled depends on a number of things:
          * 1) The port needs to be online and uptodate. A port is not
          *    disabled just because it is not uptodate, but it is only
@@ -1086,7 +1090,7 @@ static void etr_work_fn(struct work_struct *work)
         /*
          * Update eacr and try to synchronize the clock. If the update
          * of eacr caused a stepping port switch (or if we have to
-         * assume that a stepping port switch has occured) or the
+         * assume that a stepping port switch has occurred) or the
          * clock syncing failed, reset the sync check control bit
          * and set up a timer to try again after 0.5 seconds
          */
@@ -1574,7 +1578,7 @@ static void stp_work_fn(struct work_struct *work)
         memset(&stp_sync, 0, sizeof(stp_sync));
         get_online_cpus();
         atomic_set(&stp_sync.cpus, num_online_cpus() - 1);
-        stop_machine(stp_sync_clock, &stp_sync, &cpu_online_map);
+        stop_machine(stp_sync_clock, &stp_sync, cpu_online_mask);
         put_online_cpus();
 
         if (!check_sync_clock())
diff --git a/arch/s390/kernel/topology.c b/arch/s390/kernel/topology.c
index bcef00766a64..0cd340b72632 100644
--- a/arch/s390/kernel/topology.c
+++ b/arch/s390/kernel/topology.c
@@ -17,159 +17,140 @@
 #include <linux/smp.h>
 #include <linux/cpuset.h>
 #include <asm/delay.h>
-#include <asm/s390_ext.h>
-#include <asm/sysinfo.h>
-
-#define CPU_BITS 64
-#define NR_MAG 6
 
 #define PTF_HORIZONTAL  (0UL)
 #define PTF_VERTICAL    (1UL)
 #define PTF_CHECK       (2UL)
 
-struct tl_cpu {
-        unsigned char reserved0[4];
-        unsigned char :6;
-        unsigned char pp:2;
-        unsigned char reserved1;
-        unsigned short origin;
-        unsigned long mask[CPU_BITS / BITS_PER_LONG];
-};
-
-struct tl_container {
-        unsigned char reserved[7];
-        unsigned char id;
-};
-
-union tl_entry {
-        unsigned char nl;
-        struct tl_cpu cpu;
-        struct tl_container container;
-};
-
-struct tl_info {
-        unsigned char reserved0[2];
-        unsigned short length;
-        unsigned char mag[NR_MAG];
-        unsigned char reserved1;
-        unsigned char mnest;
-        unsigned char reserved2[4];
-        union tl_entry tle[0];
-};
-
-struct core_info {
-        struct core_info *next;
+struct mask_info {
+        struct mask_info *next;
         unsigned char id;
         cpumask_t mask;
 };
 
-static int topology_enabled;
+static int topology_enabled = 1;
 static void topology_work_fn(struct work_struct *work);
-static struct tl_info *tl_info;
-static struct core_info core_info;
-static int machine_has_topology;
+static struct sysinfo_15_1_x *tl_info;
 static struct timer_list topology_timer;
 static void set_topology_timer(void);
 static DECLARE_WORK(topology_work, topology_work_fn);
 /* topology_lock protects the core linked list */
 static DEFINE_SPINLOCK(topology_lock);
 
+static struct mask_info core_info;
 cpumask_t cpu_core_map[NR_CPUS];
 unsigned char cpu_core_id[NR_CPUS];
 
-static cpumask_t cpu_coregroup_map(unsigned int cpu)
+#ifdef CONFIG_SCHED_BOOK
+static struct mask_info book_info;
+cpumask_t cpu_book_map[NR_CPUS];
+unsigned char cpu_book_id[NR_CPUS];
+#endif
+
+static cpumask_t cpu_group_map(struct mask_info *info, unsigned int cpu)
 {
-        struct core_info *core = &core_info;
-        unsigned long flags;
         cpumask_t mask;
 
-        cpus_clear(mask);
-        if (!topology_enabled || !machine_has_topology)
-                return cpu_possible_map;
-        spin_lock_irqsave(&topology_lock, flags);
-        while (core) {
-                if (cpu_isset(cpu, core->mask)) {
-                        mask = core->mask;
+        cpumask_clear(&mask);
+        if (!topology_enabled || !MACHINE_HAS_TOPOLOGY) {
+                cpumask_copy(&mask, cpumask_of(cpu));
+                return mask;
+        }
+        while (info) {
+                if (cpumask_test_cpu(cpu, &info->mask)) {
+                        mask = info->mask;
                         break;
                 }
-                core = core->next;
+                info = info->next;
         }
-        spin_unlock_irqrestore(&topology_lock, flags);
-        if (cpus_empty(mask))
-                mask = cpumask_of_cpu(cpu);
+        if (cpumask_empty(&mask))
+                cpumask_copy(&mask, cpumask_of(cpu));
         return mask;
 }
 
-const struct cpumask *cpu_coregroup_mask(unsigned int cpu)
-{
-        return &cpu_core_map[cpu];
-}
-
-static void add_cpus_to_core(struct tl_cpu *tl_cpu, struct core_info *core)
+static void add_cpus_to_mask(struct topology_cpu *tl_cpu,
+                             struct mask_info *book, struct mask_info *core)
 {
         unsigned int cpu;
 
-        for (cpu = find_first_bit(&tl_cpu->mask[0], CPU_BITS);
-             cpu < CPU_BITS;
-             cpu = find_next_bit(&tl_cpu->mask[0], CPU_BITS, cpu + 1))
+        for (cpu = find_first_bit(&tl_cpu->mask[0], TOPOLOGY_CPU_BITS);
+             cpu < TOPOLOGY_CPU_BITS;
+             cpu = find_next_bit(&tl_cpu->mask[0], TOPOLOGY_CPU_BITS, cpu + 1))
         {
                 unsigned int rcpu, lcpu;
 
-                rcpu = CPU_BITS - 1 - cpu + tl_cpu->origin;
+                rcpu = TOPOLOGY_CPU_BITS - 1 - cpu + tl_cpu->origin;
                 for_each_present_cpu(lcpu) {
-                        if (cpu_logical_map(lcpu) == rcpu) {
-                                cpu_set(lcpu, core->mask);
-                                cpu_core_id[lcpu] = core->id;
-                                smp_cpu_polarization[lcpu] = tl_cpu->pp;
-                        }
+                        if (cpu_logical_map(lcpu) != rcpu)
+                                continue;
+#ifdef CONFIG_SCHED_BOOK
+                        cpumask_set_cpu(lcpu, &book->mask);
+                        cpu_book_id[lcpu] = book->id;
+#endif
+                        cpumask_set_cpu(lcpu, &core->mask);
+                        cpu_core_id[lcpu] = core->id;
+                        smp_cpu_polarization[lcpu] = tl_cpu->pp;
                 }
         }
 }
 
-static void clear_cores(void)
+static void clear_masks(void)
 {
-        struct core_info *core = &core_info;
+        struct mask_info *info;
 
-        while (core) {
-                cpus_clear(core->mask);
-                core = core->next;
+        info = &core_info;
+        while (info) {
+                cpumask_clear(&info->mask);
+                info = info->next;
         }
+#ifdef CONFIG_SCHED_BOOK
+        info = &book_info;
+        while (info) {
+                cpumask_clear(&info->mask);
+                info = info->next;
+        }
+#endif
 }
 
-static union tl_entry *next_tle(union tl_entry *tle)
+static union topology_entry *next_tle(union topology_entry *tle)
 {
-        if (tle->nl)
-                return (union tl_entry *)((struct tl_container *)tle + 1);
-        else
-                return (union tl_entry *)((struct tl_cpu *)tle + 1);
+        if (!tle->nl)
+                return (union topology_entry *)((struct topology_cpu *)tle + 1);
+        return (union topology_entry *)((struct topology_container *)tle + 1);
 }
 
-static void tl_to_cores(struct tl_info *info)
+static void tl_to_cores(struct sysinfo_15_1_x *info)
 {
-        union tl_entry *tle, *end;
-        struct core_info *core = &core_info;
+#ifdef CONFIG_SCHED_BOOK
+        struct mask_info *book = &book_info;
+#else
+        struct mask_info *book = NULL;
+#endif
+        struct mask_info *core = &core_info;
+        union topology_entry *tle, *end;
+
 
         spin_lock_irq(&topology_lock);
-        clear_cores();
+        clear_masks();
         tle = info->tle;
-        end = (union tl_entry *)((unsigned long)info + info->length);
+        end = (union topology_entry *)((unsigned long)info + info->length);
         while (tle < end) {
                 switch (tle->nl) {
-                case 5:
-                case 4:
-                case 3:
+#ifdef CONFIG_SCHED_BOOK
                 case 2:
+                        book = book->next;
+                        book->id = tle->container.id;
                         break;
+#endif
                 case 1:
                         core = core->next;
                         core->id = tle->container.id;
                         break;
                 case 0:
-                        add_cpus_to_core(&tle->cpu, core);
+                        add_cpus_to_mask(&tle->cpu, book, core);
                         break;
                 default:
-                        clear_cores();
-                        machine_has_topology = 0;
+                        clear_masks();
                         goto out;
                 }
                 tle = next_tle(tle);
@@ -206,7 +187,7 @@ int topology_set_cpu_management(int fc)
         int cpu;
         int rc;
 
-        if (!machine_has_topology)
+        if (!MACHINE_HAS_TOPOLOGY)
                 return -EOPNOTSUPP;
         if (fc)
                 rc = ptf(PTF_VERTICAL);
@@ -221,24 +202,43 @@ int topology_set_cpu_management(int fc)
 
 static void update_cpu_core_map(void)
 {
+        unsigned long flags;
         int cpu;
 
-        for_each_possible_cpu(cpu)
-                cpu_core_map[cpu] = cpu_coregroup_map(cpu);
+        spin_lock_irqsave(&topology_lock, flags);
+        for_each_possible_cpu(cpu) {
+                cpu_core_map[cpu] = cpu_group_map(&core_info, cpu);
+#ifdef CONFIG_SCHED_BOOK
+                cpu_book_map[cpu] = cpu_group_map(&book_info, cpu);
+#endif
+        }
+        spin_unlock_irqrestore(&topology_lock, flags);
+}
+
+void store_topology(struct sysinfo_15_1_x *info)
+{
+#ifdef CONFIG_SCHED_BOOK
+        int rc;
+
+        rc = stsi(info, 15, 1, 3);
+        if (rc != -ENOSYS)
+                return;
+#endif
+        stsi(info, 15, 1, 2);
 }
 
 int arch_update_cpu_topology(void)
 {
-        struct tl_info *info = tl_info;
+        struct sysinfo_15_1_x *info = tl_info;
         struct sys_device *sysdev;
         int cpu;
 
-        if (!machine_has_topology) {
+        if (!MACHINE_HAS_TOPOLOGY) {
                 update_cpu_core_map();
                 topology_update_polarization_simple();
                 return 0;
         }
-        stsi(info, 15, 1, 2);
+        store_topology(info);
         tl_to_cores(info);
         update_cpu_core_map();
         for_each_online_cpu(cpu) {
@@ -275,9 +275,9 @@ static void set_topology_timer(void)
 
 static int __init early_parse_topology(char *p)
 {
-        if (strncmp(p, "on", 2))
+        if (strncmp(p, "off", 3))
                 return 0;
-        topology_enabled = 1;
+        topology_enabled = 0;
         return 0;
 }
 early_param("topology", early_parse_topology);
@@ -287,7 +287,7 @@ static int __init init_topology_update(void)
         int rc;
 
         rc = 0;
-        if (!machine_has_topology) {
+        if (!MACHINE_HAS_TOPOLOGY) {
                 topology_update_polarization_simple();
                 goto out;
         }
@@ -299,41 +299,37 @@ out:
 }
 __initcall(init_topology_update);
 
+static void alloc_masks(struct sysinfo_15_1_x *info, struct mask_info *mask,
+                        int offset)
+{
+        int i, nr_masks;
+
+        nr_masks = info->mag[TOPOLOGY_NR_MAG - offset];
+        for (i = 0; i < info->mnest - offset; i++)
+                nr_masks *= info->mag[TOPOLOGY_NR_MAG - offset - 1 - i];
+        nr_masks = max(nr_masks, 1);
+        for (i = 0; i < nr_masks; i++) {
+                mask->next = alloc_bootmem(sizeof(struct mask_info));
+                mask = mask->next;
+        }
+}
+
 void __init s390_init_cpu_topology(void)
 {
-        unsigned long long facility_bits;
-        struct tl_info *info;
-        struct core_info *core;
-        int nr_cores;
+        struct sysinfo_15_1_x *info;
         int i;
 
-        if (stfle(&facility_bits, 1) <= 0)
-                return;
-        if (!(facility_bits & (1ULL << 52)) || !(facility_bits & (1ULL << 61)))
+        if (!MACHINE_HAS_TOPOLOGY)
                 return;
-        machine_has_topology = 1;
-
         tl_info = alloc_bootmem_pages(PAGE_SIZE);
         info = tl_info;
-        stsi(info, 15, 1, 2);
-
-        nr_cores = info->mag[NR_MAG - 2];
-        for (i = 0; i < info->mnest - 2; i++)
-                nr_cores *= info->mag[NR_MAG - 3 - i];
-
+        store_topology(info);
         pr_info("The CPU configuration topology of the machine is:");
-        for (i = 0; i < NR_MAG; i++)
+        for (i = 0; i < TOPOLOGY_NR_MAG; i++)
                 printk(" %d", info->mag[i]);
         printk(" / %d\n", info->mnest);
-
-        core = &core_info;
-        for (i = 0; i < nr_cores; i++) {
-                core->next = alloc_bootmem(sizeof(struct core_info));
-                core = core->next;
-                if (!core)
-                        goto error;
-        }
-        return;
-error:
-        machine_has_topology = 0;
+        alloc_masks(info, &core_info, 2);
+#ifdef CONFIG_SCHED_BOOK
+        alloc_masks(info, &book_info, 3);
+#endif
 }
diff --git a/arch/s390/kernel/traps.c b/arch/s390/kernel/traps.c
index 5d8f0f3d0250..a65d2e82f61d 100644
--- a/arch/s390/kernel/traps.c
+++ b/arch/s390/kernel/traps.c
@@ -39,7 +39,6 @@
 #include <asm/atomic.h>
 #include <asm/mathemu.h>
 #include <asm/cpcmd.h>
-#include <asm/s390_ext.h>
 #include <asm/lowcore.h>
 #include <asm/debug.h>
 #include "entry.h"
@@ -237,43 +236,6 @@ void show_regs(struct pt_regs *regs)
         show_last_breaking_event(regs);
 }
 
-/* This is called from fs/proc/array.c */
-void task_show_regs(struct seq_file *m, struct task_struct *task)
-{
-        struct pt_regs *regs;
-
-        regs = task_pt_regs(task);
-        seq_printf(m, "task: %p, ksp: %p\n",
-                       task, (void *)task->thread.ksp);
-        seq_printf(m, "User PSW : %p %p\n",
-                       (void *) regs->psw.mask, (void *)regs->psw.addr);
-
-        seq_printf(m, "User GPRS: " FOURLONG,
-                          regs->gprs[0], regs->gprs[1],
-                          regs->gprs[2], regs->gprs[3]);
-        seq_printf(m, "           " FOURLONG,
-                          regs->gprs[4], regs->gprs[5],
-                          regs->gprs[6], regs->gprs[7]);
-        seq_printf(m, "           " FOURLONG,
-                          regs->gprs[8], regs->gprs[9],
-                          regs->gprs[10], regs->gprs[11]);
-        seq_printf(m, "           " FOURLONG,
-                          regs->gprs[12], regs->gprs[13],
-                          regs->gprs[14], regs->gprs[15]);
-        seq_printf(m, "User ACRS: %08x %08x %08x %08x\n",
-                          task->thread.acrs[0], task->thread.acrs[1],
-                          task->thread.acrs[2], task->thread.acrs[3]);
-        seq_printf(m, "           %08x %08x %08x %08x\n",
-                          task->thread.acrs[4], task->thread.acrs[5],
-                          task->thread.acrs[6], task->thread.acrs[7]);
-        seq_printf(m, "           %08x %08x %08x %08x\n",
-                          task->thread.acrs[8], task->thread.acrs[9],
-                          task->thread.acrs[10], task->thread.acrs[11]);
-        seq_printf(m, "           %08x %08x %08x %08x\n",
-                          task->thread.acrs[12], task->thread.acrs[13],
-                          task->thread.acrs[14], task->thread.acrs[15]);
-}
-
 static DEFINE_SPINLOCK(die_lock);
 
 void die(const char * str, struct pt_regs * regs, long err)
@@ -329,27 +291,19 @@ int is_valid_bugaddr(unsigned long addr)
         return 1;
 }
 
-static void __kprobes inline do_trap(long interruption_code, int signr,
-                                        char *str, struct pt_regs *regs,
-                                        siginfo_t *info)
+static inline void __kprobes do_trap(long pgm_int_code, int signr, char *str,
+                                     struct pt_regs *regs, siginfo_t *info)
 {
-        /*
-         * We got all needed information from the lowcore and can
-         * now safely switch on interrupts.
-         */
-        if (regs->psw.mask & PSW_MASK_PSTATE)
-                local_irq_enable();
-
-        if (notify_die(DIE_TRAP, str, regs, interruption_code,
-                                interruption_code, signr) == NOTIFY_STOP)
+        if (notify_die(DIE_TRAP, str, regs, pgm_int_code,
+                       pgm_int_code, signr) == NOTIFY_STOP)
                 return;
 
         if (regs->psw.mask & PSW_MASK_PSTATE) {
                 struct task_struct *tsk = current;
 
-                tsk->thread.trap_no = interruption_code & 0xffff;
+                tsk->thread.trap_no = pgm_int_code & 0xffff;
                 force_sig_info(signr, info, tsk);
-                report_user_fault(regs, interruption_code, signr);
+                report_user_fault(regs, pgm_int_code, signr);
         } else {
                 const struct exception_table_entry *fixup;
                 fixup = search_exception_tables(regs->psw.addr & PSW_ADDR_INSN);
@@ -361,77 +315,77 @@ static void __kprobes inline do_trap(long interruption_code, int signr,
                         btt = report_bug(regs->psw.addr & PSW_ADDR_INSN, regs);
                         if (btt == BUG_TRAP_TYPE_WARN)
                                 return;
-                        die(str, regs, interruption_code);
+                        die(str, regs, pgm_int_code);
                 }
         }
 }
 
-static inline void __user *get_check_address(struct pt_regs *regs)
+static inline void __user *get_psw_address(struct pt_regs *regs,
+                                           long pgm_int_code)
 {
-        return (void __user *)((regs->psw.addr-S390_lowcore.pgm_ilc) & PSW_ADDR_INSN);
+        return (void __user *)
+                ((regs->psw.addr - (pgm_int_code >> 16)) & PSW_ADDR_INSN);
 }
 
-void __kprobes do_single_step(struct pt_regs *regs)
+void __kprobes do_per_trap(struct pt_regs *regs)
 {
-        if (notify_die(DIE_SSTEP, "sstep", regs, 0, 0,
-                                        SIGTRAP) == NOTIFY_STOP){
+        if (notify_die(DIE_SSTEP, "sstep", regs, 0, 0, SIGTRAP) == NOTIFY_STOP)
                 return;
-        }
         if (tracehook_consider_fatal_signal(current, SIGTRAP))
                 force_sig(SIGTRAP, current);
 }
 
-static void default_trap_handler(struct pt_regs * regs, long interruption_code)
+static void default_trap_handler(struct pt_regs *regs, long pgm_int_code,
+                                 unsigned long trans_exc_code)
 {
         if (regs->psw.mask & PSW_MASK_PSTATE) {
-                local_irq_enable();
-                report_user_fault(regs, interruption_code, SIGSEGV);
+                report_user_fault(regs, pgm_int_code, SIGSEGV);
                 do_exit(SIGSEGV);
         } else
-                die("Unknown program exception", regs, interruption_code);
+                die("Unknown program exception", regs, pgm_int_code);
 }
 
-#define DO_ERROR_INFO(signr, str, name, sicode, siaddr) \
-static void name(struct pt_regs * regs, long interruption_code) \
+#define DO_ERROR_INFO(name, signr, sicode, str) \
+static void name(struct pt_regs *regs, long pgm_int_code, \
+                 unsigned long trans_exc_code) \
 { \
         siginfo_t info; \
         info.si_signo = signr; \
         info.si_errno = 0; \
         info.si_code = sicode; \
-        info.si_addr = siaddr; \
-        do_trap(interruption_code, signr, str, regs, &info); \
+        info.si_addr = get_psw_address(regs, pgm_int_code); \
+        do_trap(pgm_int_code, signr, str, regs, &info);     \
 }
 
-DO_ERROR_INFO(SIGILL, "addressing exception", addressing_exception,
-              ILL_ILLADR, get_check_address(regs))
-DO_ERROR_INFO(SIGILL,  "execute exception", execute_exception,
-              ILL_ILLOPN, get_check_address(regs))
-DO_ERROR_INFO(SIGFPE,  "fixpoint divide exception", divide_exception,
-              FPE_INTDIV, get_check_address(regs))
-DO_ERROR_INFO(SIGFPE,  "fixpoint overflow exception", overflow_exception,
-              FPE_INTOVF, get_check_address(regs))
-DO_ERROR_INFO(SIGFPE,  "HFP overflow exception", hfp_overflow_exception,
-              FPE_FLTOVF, get_check_address(regs))
-DO_ERROR_INFO(SIGFPE,  "HFP underflow exception", hfp_underflow_exception,
-              FPE_FLTUND, get_check_address(regs))
-DO_ERROR_INFO(SIGFPE,  "HFP significance exception", hfp_significance_exception,
-              FPE_FLTRES, get_check_address(regs))
-DO_ERROR_INFO(SIGFPE,  "HFP divide exception", hfp_divide_exception,
-              FPE_FLTDIV, get_check_address(regs))
-DO_ERROR_INFO(SIGFPE,  "HFP square root exception", hfp_sqrt_exception,
-              FPE_FLTINV, get_check_address(regs))
-DO_ERROR_INFO(SIGILL,  "operand exception", operand_exception,
-              ILL_ILLOPN, get_check_address(regs))
-DO_ERROR_INFO(SIGILL,  "privileged operation", privileged_op,
-              ILL_PRVOPC, get_check_address(regs))
-DO_ERROR_INFO(SIGILL,  "special operation exception", special_op_exception,
-              ILL_ILLOPN, get_check_address(regs))
-DO_ERROR_INFO(SIGILL,  "translation exception", translation_exception,
-              ILL_ILLOPN, get_check_address(regs))
-
-static inline void
-do_fp_trap(struct pt_regs *regs, void __user *location,
-           int fpc, long interruption_code)
+DO_ERROR_INFO(addressing_exception, SIGILL, ILL_ILLADR,
+              "addressing exception")
+DO_ERROR_INFO(execute_exception, SIGILL, ILL_ILLOPN,
+              "execute exception")
+DO_ERROR_INFO(divide_exception, SIGFPE, FPE_INTDIV,
+              "fixpoint divide exception")
+DO_ERROR_INFO(overflow_exception, SIGFPE, FPE_INTOVF,
+              "fixpoint overflow exception")
+DO_ERROR_INFO(hfp_overflow_exception, SIGFPE, FPE_FLTOVF,
+              "HFP overflow exception")
+DO_ERROR_INFO(hfp_underflow_exception, SIGFPE, FPE_FLTUND,
+              "HFP underflow exception")
+DO_ERROR_INFO(hfp_significance_exception, SIGFPE, FPE_FLTRES,
+              "HFP significance exception")
+DO_ERROR_INFO(hfp_divide_exception, SIGFPE, FPE_FLTDIV,
+              "HFP divide exception")
+DO_ERROR_INFO(hfp_sqrt_exception, SIGFPE, FPE_FLTINV,
+              "HFP square root exception")
+DO_ERROR_INFO(operand_exception, SIGILL, ILL_ILLOPN,
+              "operand exception")
+DO_ERROR_INFO(privileged_op, SIGILL, ILL_PRVOPC,
+              "privileged operation")
+DO_ERROR_INFO(special_op_exception, SIGILL, ILL_ILLOPN,
+              "special operation exception")
+DO_ERROR_INFO(translation_exception, SIGILL, ILL_ILLOPN,
+              "translation exception")
+
+static inline void do_fp_trap(struct pt_regs *regs, void __user *location,
+                              int fpc, long pgm_int_code)
 {
         siginfo_t si;
 
@@ -453,26 +407,19 @@ do_fp_trap(struct pt_regs *regs, void __user *location,
                 else if (fpc & 0x0800) /* inexact */
                         si.si_code = FPE_FLTRES;
         }
-        current->thread.ieee_instruction_pointer = (addr_t) location;
-        do_trap(interruption_code, SIGFPE,
+        do_trap(pgm_int_code, SIGFPE,
                 "floating point exception", regs, &si);
 }
 
-static void illegal_op(struct pt_regs * regs, long interruption_code)
+static void __kprobes illegal_op(struct pt_regs *regs, long pgm_int_code,
+                                 unsigned long trans_exc_code)
 {
         siginfo_t info;
         __u8 opcode[6];
         __u16 __user *location;
         int signal = 0;
 
-        location = get_check_address(regs);
-
-        /*
-         * We got all needed information from the lowcore and can
-         * now safely switch on interrupts.
-         */
-        if (regs->psw.mask & PSW_MASK_PSTATE)
-                local_irq_enable();
+        location = get_psw_address(regs, pgm_int_code);
 
         if (regs->psw.mask & PSW_MASK_PSTATE) {
                 if (get_user(*((__u16 *) opcode), (__u16 __user *) location))
@@ -512,7 +459,7 @@ static void illegal_op(struct pt_regs * regs, long interruption_code)
                  * If we get an illegal op in kernel mode, send it through the
                  * kprobes notifier. If kprobes doesn't pick it up, SIGILL
                  */
-                if (notify_die(DIE_BPT, "bpt", regs, interruption_code,
+                if (notify_die(DIE_BPT, "bpt", regs, pgm_int_code,
                                3, SIGTRAP) != NOTIFY_STOP)
                         signal = SIGILL;
         }
@@ -520,13 +467,13 @@ static void illegal_op(struct pt_regs * regs, long interruption_code)
 #ifdef CONFIG_MATHEMU
         if (signal == SIGFPE)
                 do_fp_trap(regs, location,
-                           current->thread.fp_regs.fpc, interruption_code);
+                           current->thread.fp_regs.fpc, pgm_int_code);
         else if (signal == SIGSEGV) {
                 info.si_signo = signal;
                 info.si_errno = 0;
                 info.si_code = SEGV_MAPERR;
                 info.si_addr = (void __user *) location;
-                do_trap(interruption_code, signal,
+                do_trap(pgm_int_code, signal,
                         "user address fault", regs, &info);
         } else
 #endif
@@ -535,28 +482,22 @@ static void illegal_op(struct pt_regs * regs, long interruption_code)
                 info.si_errno = 0;
                 info.si_code = ILL_ILLOPC;
                 info.si_addr = (void __user *) location;
-                do_trap(interruption_code, signal,
+                do_trap(pgm_int_code, signal,
                         "illegal operation", regs, &info);
         }
 }
 
 
 #ifdef CONFIG_MATHEMU
-asmlinkage void 
-specification_exception(struct pt_regs * regs, long interruption_code)
+asmlinkage void specification_exception(struct pt_regs *regs,
+                                        long pgm_int_code,
+                                        unsigned long trans_exc_code)
 {
         __u8 opcode[6];
         __u16 __user *location = NULL;
         int signal = 0;
 
-        location = (__u16 __user *) get_check_address(regs);
-
-        /*
-         * We got all needed information from the lowcore and can
-         * now safely switch on interrupts.
-         */
-        if (regs->psw.mask & PSW_MASK_PSTATE)
-                local_irq_enable();
+        location = (__u16 __user *) get_psw_address(regs, pgm_int_code);
 
         if (regs->psw.mask & PSW_MASK_PSTATE) {
                 get_user(*((__u16 *) opcode), location);
@@ -592,35 +533,29 @@ specification_exception(struct pt_regs * regs, long interruption_code)
 
         if (signal == SIGFPE)
                 do_fp_trap(regs, location,
-                           current->thread.fp_regs.fpc, interruption_code);
+                           current->thread.fp_regs.fpc, pgm_int_code);
         else if (signal) {
                 siginfo_t info;
                 info.si_signo = signal;
                 info.si_errno = 0;
                 info.si_code = ILL_ILLOPN;
                 info.si_addr = location;
-                do_trap(interruption_code, signal, 
+                do_trap(pgm_int_code, signal,
                         "specification exception", regs, &info);
         }
 }
 #else
-DO_ERROR_INFO(SIGILL, "specification exception", specification_exception,
-              ILL_ILLOPN, get_check_address(regs));
+DO_ERROR_INFO(specification_exception, SIGILL, ILL_ILLOPN,
+              "specification exception");
 #endif
 
-static void data_exception(struct pt_regs * regs, long interruption_code)
+static void data_exception(struct pt_regs *regs, long pgm_int_code,
+                           unsigned long trans_exc_code)
 {
         __u16 __user *location;
         int signal = 0;
 
-        location = get_check_address(regs);
-
-        /*
-         * We got all needed information from the lowcore and can
-         * now safely switch on interrupts.
-         */
-        if (regs->psw.mask & PSW_MASK_PSTATE)
-                local_irq_enable();
+        location = get_psw_address(regs, pgm_int_code);
 
         if (MACHINE_HAS_IEEE)
                 asm volatile("stfpc %0" : "=m" (current->thread.fp_regs.fpc));
@@ -686,19 +621,19 @@ static void data_exception(struct pt_regs * regs, long interruption_code)
                 signal = SIGILL;
         if (signal == SIGFPE)
                 do_fp_trap(regs, location,
-                           current->thread.fp_regs.fpc, interruption_code);
+                           current->thread.fp_regs.fpc, pgm_int_code);
         else if (signal) {
                 siginfo_t info;
                 info.si_signo = signal;
                 info.si_errno = 0;
                 info.si_code = ILL_ILLOPN;
                 info.si_addr = location;
-                do_trap(interruption_code, signal, 
-                        "data exception", regs, &info);
+                do_trap(pgm_int_code, signal, "data exception", regs, &info);
         }
 }
 
-static void space_switch_exception(struct pt_regs * regs, long int_code)
+static void space_switch_exception(struct pt_regs *regs, long pgm_int_code,
+                                   unsigned long trans_exc_code)
 {
         siginfo_t info;
 
@@ -709,11 +644,11 @@ static void space_switch_exception(struct pt_regs * regs, long int_code)
         info.si_signo = SIGILL;
         info.si_errno = 0;
         info.si_code = ILL_PRVOPC;
-        info.si_addr = get_check_address(regs);
-        do_trap(int_code, SIGILL, "space switch event", regs, &info);
+        info.si_addr = get_psw_address(regs, pgm_int_code);
+        do_trap(pgm_int_code, SIGILL, "space switch event", regs, &info);
 }
 
-asmlinkage void kernel_stack_overflow(struct pt_regs * regs)
+asmlinkage void __kprobes kernel_stack_overflow(struct pt_regs * regs)
 {
         bust_spinlocks(1);
         printk("Kernel stack overflow.\n");
@@ -758,5 +693,6 @@ void __init trap_init(void)
         pgm_check_table[0x15] = &operand_exception;
         pgm_check_table[0x1C] = &space_switch_exception;
         pgm_check_table[0x1D] = &hfp_sqrt_exception;
-        pfault_irq_init();
+        /* Enable machine checks early. */
+        local_mcck_enable();
 }
diff --git a/arch/s390/kernel/vdso.c b/arch/s390/kernel/vdso.c
index 6b83870507d5..d73630b4fe1d 100644
--- a/arch/s390/kernel/vdso.c
+++ b/arch/s390/kernel/vdso.c
@@ -84,11 +84,7 @@ struct vdso_data *vdso_data = &vdso_data_store.data;
  */
 static void vdso_init_data(struct vdso_data *vd)
 {
-        unsigned int facility_list;
-
-        facility_list = stfl();
-        vd->ectg_available =
-                user_mode != HOME_SPACE_MODE && (facility_list & 1);
+        vd->ectg_available = user_mode != HOME_SPACE_MODE && test_facility(31);
 }
 
 #ifdef CONFIG_64BIT
@@ -207,7 +203,6 @@ int arch_setup_additional_pages(struct linux_binprm *bprm, int uses_interp)
         if (!uses_interp)
                 return 0;
 
-        vdso_base = mm->mmap_base;
 #ifdef CONFIG_64BIT
         vdso_pagelist = vdso64_pagelist;
         vdso_pages = vdso64_pages;
@@ -237,8 +232,7 @@ int arch_setup_additional_pages(struct linux_binprm *bprm, int uses_interp)
          * fail and end up putting it elsewhere.
          */
         down_write(&mm->mmap_sem);
-        vdso_base = get_unmapped_area(NULL, vdso_base,
-                                      vdso_pages << PAGE_SHIFT, 0, 0);
+        vdso_base = get_unmapped_area(NULL, 0, vdso_pages << PAGE_SHIFT, 0, 0);
         if (IS_ERR_VALUE(vdso_base)) {
                 rc = vdso_base;
                 goto out_up;
@@ -343,17 +337,17 @@ static int __init vdso_init(void)
 }
 arch_initcall(vdso_init);
 
-int in_gate_area_no_task(unsigned long addr)
+int in_gate_area_no_mm(unsigned long addr)
 {
         return 0;
 }
 
-int in_gate_area(struct task_struct *task, unsigned long addr)
+int in_gate_area(struct mm_struct *mm, unsigned long addr)
 {
         return 0;
 }
 
-struct vm_area_struct *get_gate_vma(struct task_struct *tsk)
+struct vm_area_struct *get_gate_vma(struct mm_struct *mm)
 {
         return NULL;
 }
diff --git a/arch/s390/kernel/vdso32/Makefile b/arch/s390/kernel/vdso32/Makefile
index d13e8755a8cc..8ad2b34ad151 100644
--- a/arch/s390/kernel/vdso32/Makefile
+++ b/arch/s390/kernel/vdso32/Makefile
@@ -22,6 +22,9 @@ obj-y += vdso32_wrapper.o
 extra-y += vdso32.lds
 CPPFLAGS_vdso32.lds += -P -C -U$(ARCH)
 
+# Disable gcov profiling for VDSO code
+GCOV_PROFILE := n
+
 # Force dependency (incbin is bad)
 $(obj)/vdso32_wrapper.o : $(obj)/vdso32.so
 
diff --git a/arch/s390/kernel/vdso32/clock_getres.S b/arch/s390/kernel/vdso32/clock_getres.S
index 9532c4e6a9d2..36aaa25d05da 100644
--- a/arch/s390/kernel/vdso32/clock_getres.S
+++ b/arch/s390/kernel/vdso32/clock_getres.S
@@ -19,9 +19,9 @@
         .type  __kernel_clock_getres,@function
 __kernel_clock_getres:
         .cfi_startproc
-        chi     %r2,CLOCK_REALTIME
+        chi     %r2,__CLOCK_REALTIME
         je      0f
-        chi     %r2,CLOCK_MONOTONIC
+        chi     %r2,__CLOCK_MONOTONIC
         jne     3f
 0:      ltr     %r3,%r3
         jz      2f                              /* res == NULL */
@@ -34,6 +34,6 @@ __kernel_clock_getres:
 3:      lhi     %r1,__NR_clock_getres           /* fallback to svc */
         svc     0
         br      %r14
-4:      .long   CLOCK_REALTIME_RES
+4:      .long   __CLOCK_REALTIME_RES
         .cfi_endproc
         .size   __kernel_clock_getres,.-__kernel_clock_getres
diff --git a/arch/s390/kernel/vdso32/clock_gettime.S b/arch/s390/kernel/vdso32/clock_gettime.S
index 969643954273..b2224e0b974c 100644
--- a/arch/s390/kernel/vdso32/clock_gettime.S
+++ b/arch/s390/kernel/vdso32/clock_gettime.S
@@ -21,9 +21,9 @@ __kernel_clock_gettime:
         .cfi_startproc
         basr    %r5,0
 0:      al      %r5,21f-0b(%r5)                 /* get &_vdso_data */
-        chi     %r2,CLOCK_REALTIME
+        chi     %r2,__CLOCK_REALTIME
         je      10f
-        chi     %r2,CLOCK_MONOTONIC
+        chi     %r2,__CLOCK_MONOTONIC
         jne     19f
 
         /* CLOCK_MONOTONIC */
diff --git a/arch/s390/kernel/vdso64/Makefile b/arch/s390/kernel/vdso64/Makefile
index 449352dda9cd..2a8ddfd12a5b 100644
--- a/arch/s390/kernel/vdso64/Makefile
+++ b/arch/s390/kernel/vdso64/Makefile
@@ -22,6 +22,9 @@ obj-y += vdso64_wrapper.o
 extra-y += vdso64.lds
 CPPFLAGS_vdso64.lds += -P -C -U$(ARCH)
 
+# Disable gcov profiling for VDSO code
+GCOV_PROFILE := n
+
 # Force dependency (incbin is bad)
 $(obj)/vdso64_wrapper.o : $(obj)/vdso64.so
 
diff --git a/arch/s390/kernel/vdso64/clock_getres.S b/arch/s390/kernel/vdso64/clock_getres.S
index 9ce8caafdb4e..176e1f75f9aa 100644
--- a/arch/s390/kernel/vdso64/clock_getres.S
+++ b/arch/s390/kernel/vdso64/clock_getres.S
@@ -19,9 +19,9 @@
         .type  __kernel_clock_getres,@function
 __kernel_clock_getres:
         .cfi_startproc
-        cghi    %r2,CLOCK_REALTIME
+        cghi    %r2,__CLOCK_REALTIME
         je      0f
-        cghi    %r2,CLOCK_MONOTONIC
+        cghi    %r2,__CLOCK_MONOTONIC
         je      0f
         cghi    %r2,-2          /* CLOCK_THREAD_CPUTIME_ID for this thread */
         jne     2f
@@ -39,6 +39,6 @@ __kernel_clock_getres:
 2:      lghi    %r1,__NR_clock_getres           /* fallback to svc */
         svc     0
         br      %r14
-3:      .quad   CLOCK_REALTIME_RES
+3:      .quad   __CLOCK_REALTIME_RES
         .cfi_endproc
         .size   __kernel_clock_getres,.-__kernel_clock_getres
diff --git a/arch/s390/kernel/vdso64/clock_gettime.S b/arch/s390/kernel/vdso64/clock_gettime.S
index f40467884a03..d46c95ed5f19 100644
--- a/arch/s390/kernel/vdso64/clock_gettime.S
+++ b/arch/s390/kernel/vdso64/clock_gettime.S
@@ -20,11 +20,11 @@
 __kernel_clock_gettime:
         .cfi_startproc
         larl    %r5,_vdso_data
-        cghi    %r2,CLOCK_REALTIME
+        cghi    %r2,__CLOCK_REALTIME
         je      4f
         cghi    %r2,-2          /* CLOCK_THREAD_CPUTIME_ID for this thread */
         je      9f
-        cghi    %r2,CLOCK_MONOTONIC
+        cghi    %r2,__CLOCK_MONOTONIC
         jne     12f
 
         /* CLOCK_MONOTONIC */
diff --git a/arch/s390/kernel/vmlinux.lds.S b/arch/s390/kernel/vmlinux.lds.S
index a68ac10213b2..56fe6bc81fee 100644
--- a/arch/s390/kernel/vmlinux.lds.S
+++ b/arch/s390/kernel/vmlinux.lds.S
@@ -77,7 +77,7 @@ SECTIONS
         . = ALIGN(PAGE_SIZE);
         INIT_DATA_SECTION(0x100)
 
-        PERCPU(PAGE_SIZE)
+        PERCPU_SECTION(0x100)
         . = ALIGN(PAGE_SIZE);
         __init_end = .;         /* freed after init ends here */
 
diff --git a/arch/s390/kernel/vtime.c b/arch/s390/kernel/vtime.c
index 3479f1b0d4e0..2d6228f60cd6 100644
--- a/arch/s390/kernel/vtime.c
+++ b/arch/s390/kernel/vtime.c
@@ -19,11 +19,13 @@
 #include <linux/kernel_stat.h>
 #include <linux/rcupdate.h>
 #include <linux/posix-timers.h>
+#include <linux/cpu.h>
+#include <linux/kprobes.h>
 
-#include <asm/s390_ext.h>
 #include <asm/timer.h>
 #include <asm/irq_regs.h>
 #include <asm/cputime.h>
+#include <asm/irq.h>
 
 static DEFINE_PER_CPU(struct vtimer_queue, virt_cpu_timer);
 
@@ -42,7 +44,7 @@ static inline void set_vtimer(__u64 expires)
         __u64 timer;
 
         asm volatile ("  STPT %0\n"  /* Store current cpu timer value */
-                      "  SPT %1"     /* Set new value immediatly afterwards */
+                      "  SPT %1"     /* Set new value immediately afterwards */
                       : "=m" (timer) : "m" (expires) );
         S390_lowcore.system_timer += S390_lowcore.last_update_timer - timer;
         S390_lowcore.last_update_timer = expires;
@@ -121,7 +123,7 @@ void account_system_vtime(struct task_struct *tsk)
 }
 EXPORT_SYMBOL_GPL(account_system_vtime);
 
-void vtime_start_cpu(__u64 int_clock, __u64 enter_timer)
+void __kprobes vtime_start_cpu(__u64 int_clock, __u64 enter_timer)
 {
         struct s390_idle_data *idle = &__get_cpu_var(s390_idle);
         struct vtimer_queue *vq = &__get_cpu_var(virt_cpu_timer);
@@ -161,7 +163,7 @@ void vtime_start_cpu(__u64 int_clock, __u64 enter_timer)
         idle->sequence++;
 }
 
-void vtime_stop_cpu(void)
+void __kprobes vtime_stop_cpu(void)
 {
         struct s390_idle_data *idle = &__get_cpu_var(s390_idle);
         struct vtimer_queue *vq = &__get_cpu_var(virt_cpu_timer);
@@ -314,13 +316,15 @@ static void do_callbacks(struct list_head *cb_list)
 /*
  * Handler for the virtual CPU timer.
  */
-static void do_cpu_timer_interrupt(__u16 error_code)
+static void do_cpu_timer_interrupt(unsigned int ext_int_code,
+                                   unsigned int param32, unsigned long param64)
 {
         struct vtimer_queue *vq;
         struct vtimer_list *event, *tmp;
         struct list_head cb_list;       /* the callback queue */
         __u64 elapsed, next;
 
+        kstat_cpu(smp_processor_id()).irqs[EXTINT_TMR]++;
         INIT_LIST_HEAD(&cb_list);
         vq = &__get_cpu_var(virt_cpu_timer);
 
@@ -565,6 +569,23 @@ void init_cpu_vtimer(void)
         __ctl_set_bit(0,10);
 }
 
+static int __cpuinit s390_nohz_notify(struct notifier_block *self,
+                                      unsigned long action, void *hcpu)
+{
+        struct s390_idle_data *idle;
+        long cpu = (long) hcpu;
+
+        idle = &per_cpu(s390_idle, cpu);
+        switch (action) {
+        case CPU_DYING:
+        case CPU_DYING_FROZEN:
+                idle->nohz_delay = 0;
+        default:
+                break;
+        }
+        return NOTIFY_OK;
+}
+
 void __init vtime_init(void)
 {
         /* request the cpu timer external interrupt */
@@ -573,5 +594,6 @@ void __init vtime_init(void)
 
         /* Enable cpu timer interrupts on the boot cpu. */
         init_cpu_vtimer();
+        cpu_notifier(s390_nohz_notify, 0);
 }